Skip to content
This repository was archived by the owner on Dec 1, 2024. It is now read-only.

Add support for Lets Encrypt cert #97

Open
RaananHadar opened this issue Feb 4, 2022 · 8 comments
Open

Add support for Lets Encrypt cert #97

RaananHadar opened this issue Feb 4, 2022 · 8 comments

Comments

@RaananHadar
Copy link

Just wanted to say that this is an extremely cool project!

I fully understand that this is a beta and this can take awhile. I really hope for being able to get a lets encrypt cert instead of a manual cert when possible.
@BigBrainAFK
Copy link

BigBrainAFK commented Apr 3, 2022
edited
Loading

My temporary workaround is having a cronjob run 30mins after the certbot one and copying the certs to the iredmail/data/ssl folder on the host giving them the right names.

cert.pem -> cert.pem
fullchain.pem -> combined.pem
privkey.pem -> key.pem

Then I restart the entire container since I found just restarting the services postfix, dovecot, nginx, mysql leaves them broken sometimes.

P.S.: having it be able to identify the letsencrypt/certbot names would be very cool tho

@rilendorf
Copy link

Hi, I have a similar problem,

When replacing said files the server nginx dosn't start anymore, it just keeps crashing,
I suspect this is because of the dhparam files.

@BigBrainAFK
Copy link

@DerZombiiie For me it works as expected but you have to absolutely make sure to copy the file and not use symlinks and obviously rename them accordingly.

@rilendorf
Copy link

oh, thats the problem, I used symlinks.
Thanks a lot!

@tpimh
Copy link
Contributor

tpimh commented Apr 16, 2022

I have my keys as .crt (R3, ISRG Root X1 and DST Root CA X3 certificates inside) and .key (EC private key inside). How should I convert it to key.pem, cert.pem and combined.pem and restart all services automatically when the certificates change?

@BigBrainAFK
Copy link

I have my keys as .crt (R3, ISRG Root X1 and DST Root CA X3 certificates inside) and .key (EC private key inside). How should I convert it to key.pem, cert.pem and combined.pem and restart all services automatically when the certificates change?

Just extract the certificate from the .crt since that would be the combined file

@fleek
Copy link

fleek commented Jul 21, 2022

I mount the entire /etc/letsencrypt folder into the iredmail docker under /etc/letsencrypt and create symlinks in /opt/iremail/ssl to point to the correct key and pem files. My cron job will try to update the cert file every month and will restart the container if the cert is updated. So far no issues.

@homuraLan
Copy link

My temporary workaround is having a cronjob run 30mins after the certbot one and copying the certs to the iredmail/data/ssl folder on the host giving them the right names.

cert.pem -> cert.pem
fullchain.pem -> combined.pem
privkey.pem -> key.pem

Then I restart the entire container since I found just restarting the services postfix, dovecot, nginx, mysql leaves them broken sometimes.

P.S.: having it be able to identify the letsencrypt/certbot names would be very cool tho

Solved my problem, thank you

@smyers119 smyers119 mentioned this issue Dec 23, 2023
Open
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@tpimh @fleek @RaananHadar @BigBrainAFK @rilendorf @homuraLan