Hi, I can deploy successfully the let's encrypt ssl, and on the browser, everything looks good.
What I do is:
I have email.domain.net
So I create a domain on the admin UI: domain.net
And then create a virtual host for the subdomain: email.domain.net.
I got the certificate validated on the browser and says it's valid.
Now when I add one account for example on the gmail app or mailbird via smtp port 993 and 587, I get that the certificate is not valid.
What I'm missing? Or do I need to create the certificate on the terminal like Zimbra used to?
@georgemr
Hi,
Could you please try this method and let us know your feedback?
Article on How to Deploy Let's Encrypt SSL Using CLI in Carbonio CE
Meanwhile, I will test something myself which could take some time.
I hope you would understand.
Regards,
Sharif
I guess you're connecting to email.domain.tld with SMTP.
And I think the problem with LetsEncrypt method is that it only manages the certificates that goes in the reverse-proxy (nginx, for https, imaps and pop3s), not the certificate for the MTA (postfix).
Postfix doesn't know how to handle several certificate, you can only have one.
Right now, I guess (but could be wrong) that the certificate in postfix is "server.domain.tld" (the server name when you setup Carbonio), it's the self-signed certificate created during the setup.
@klug you're mostly right.... but we can replace that self-signed certificate by a valid let's encrypt one.
I wrote an article explaining that and how to do it:
https://www.anahuac.eu/lets-encrypt-on-carbonio-system-root-with-acme-sh/
Hope it helps
Yes you can, obviously.
But not with the "integrated in WebAdmin of Carbonio" method.