This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

Lets Encrypt TLS set up
#1
Lets Encrypt TLS set up
Happy Weekend to ALL.
let me start by saying thanks to all the hard work you guys/girls put into Sentora.
I've spent the last 2 days wading through endless posts & threads
all asking the same question with different answers.
Could not fing a strainght forward guide...
I also done hundreds of searches on the forum for the simple answer..


this is what i've done so far is:

1. used this thread http://forums.sentora.org/showthread.php?tid=2535
(Secure Sentora Domains with Let's Encrypt)
to get cert for
mail.domain.tld

2. used this thread http://forums.sentora.org/showthread.php?tid=46
(Ubuntu: How to setup TLS on postfix and dovecot)
started at no3


Code:
nano /etc/postfix/main.cf

4: find # tls config and added

smtp_use_tls = no
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtpd_tls_key_file = /etc/letsencrypt/live/mail.domain.tld/privkey.pem
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.domain.tld/cert.pem
smtpd_tls_CAfile = /etc/letsencrypt/live/mail.domain.tld/fullchain.pem

and removed  what was there before Smile
------------------------------------------------

5: edit master.cf (did what the guide said)

------------------------------------------------

6: configure Dovecot

Code:
Code:
nano /etc/dovecot/dovecot.conf

and changed
Code:
ssl = no to ssl = yes
  and added this below it:

ssl_key = </etc/letsencrypt/live/mail.domain.tld/privkey.pem
ssl_cert = </etc/letsencrypt/live/mail.domain.tld/cert.pem
ssl_ca = </etc/letsencrypt/live/mail.domain.tld/fullchain.pem

Code:
Code:
service postfix restart
service dovecot restart

CHECKED at
http://www.checktls.com/perl/TestReceiver.pl

EVERYTHING Green OK
Thanks given by: FernandoGarcia


Possibly Related Threads…
Thread Author Replies Views Last Post
suhosin.session.encrypt error With Https MET4LG0D 7 30 ,478 04-05-2020, 09:38 PM
Last Post: iraqiboy90

Forum Jump:


Users browsing this thread: 2 Guest(s)