Add support for Lets Encrypt cert
RaananHadar opened this issue · comments
Just wanted to say that this is an extremely cool project!
I fully understand that this is a beta and this can take awhile. I really hope for being able to get a lets encrypt cert instead of a manual cert when possible.
My temporary workaround is having a cronjob run 30mins after the certbot one and copying the certs to the iredmail/data/ssl
folder on the host giving them the right names.
cert.pem -> cert.pem
fullchain.pem -> combined.pem
privkey.pem -> key.pem
Then I restart the entire container since I found just restarting the services postfix, dovecot, nginx, mysql
leaves them broken sometimes.
P.S.: having it be able to identify the letsencrypt/certbot names would be very cool tho
Hi, I have a similar problem,
When replacing said files the server nginx dosn't start anymore, it just keeps crashing,
I suspect this is because of the dhparam files.
@DerZombiiie For me it works as expected but you have to absolutely make sure to copy the file and not use symlinks and obviously rename them accordingly.
oh, thats the problem, I used symlinks.
Thanks a lot!
I have my keys as .crt (R3, ISRG Root X1 and DST Root CA X3 certificates inside) and .key (EC private key inside). How should I convert it to key.pem
, cert.pem
and combined.pem
and restart all services automatically when the certificates change?
I have my keys as .crt (R3, ISRG Root X1 and DST Root CA X3 certificates inside) and .key (EC private key inside). How should I convert it to
key.pem
,cert.pem
andcombined.pem
and restart all services automatically when the certificates change?
Just extract the certificate from the .crt
since that would be the combined file
I mount the entire /etc/letsencrypt folder into the iredmail docker under /etc/letsencrypt and create symlinks in /opt/iremail/ssl to point to the correct key and pem files. My cron job will try to update the cert file every month and will restart the container if the cert is updated. So far no issues.