use Let'sEncrypt specific domain ssl on mail server per domain
i tried tricking dovecot adding this :
local domain.tld {
protocol imap {
sslcert = </opt/psa/var/modules/letsencrypt/etc/live/domain.tld/fullchain.pem
sslkey = </opt/psa/var/modules/letsencrypt/etc/live/domain.tld/privkey.pem
}
}
it worked, for Imap !
but trying the equivalent on postfix, didn't work for smtp
-o smtpdtlskeyfile=/opt/psa/var/modules/letsencrypt/etc/live/domain.tld/privkey.pem -o smtpdtlscertfile=/opt/psa/var/modules/letsencrypt/etc/live/domain.tld/fullchain.pem
Plesk automatically creates mail.domain.tld on DNS, and if you see information about how to log to the email: it says connect on domain.tld
but it throws a warning about the original ssl certificate.
It could be so good if everything were automatic, the Plesk way :)
mad
shared this idea
I think this feature request is addressing SNI. SNI with Let's Encrypt certificates has been around in Plesk for a long while. To use your own custom mail domain with SSL, simply take these two steps:
1) When you create or reissue the SSL certificate, check "Assign the certificate to the mail domain".
2) In the "Mail Settings" of your domain, select that certificate from the drop down box "SSL/TLS certificate for mail" and store the change.
-- PD