Keystore Renewal Policy?

2020-05-11 Thread Jerry Malcolm
I finally got the process down with certbot-->openssl-->keytool to get LetsEncrypt certs and convert them to keystore files for SMTP and IMAP.  One question... Since LetsEncrypt requires renewing the certs every 90 days, does that also add a requirement to re-generate the keystore files if ther

Re: Keystore Renewal Policy?

2020-05-12 Thread David Matthews
Hi Jerry, Not sure how helpful this is, but I mention it just in case: https://dmatthews.org/java_email.html#imaps discusses IMAPS with James. I use a self-signed cert and TBH not sure what extra LetsEncrypt offers you over that, but I produce the key with keytool -genkey -alias james -keyalg R

Re: Keystore Renewal Policy?

2020-05-12 Thread Eugen Stan
Hi, Thanks for sharing the article, David. I would go for LetsEncrypt + nginx IMAP proxy: https://docs.nginx.com/nginx/admin-guide/mail-proxy/mail-proxy/ It should be very easy with Docker. I'm planning to do that in the next two weeks and write an article about it. Regards, Eugen La 12.05.2

Re: Keystore Renewal Policy?

2020-05-12 Thread Jerry Malcolm
David, That's good info in the article.  But my question was does the keytool-generated file expire as well when the underlying cert (LetsEncrypt or self-signed cert) expires?  Or can I simply renew the underlying cert without having to re-execute the keytool step each time the cert auto-rene

Re: Keystore Renewal Policy?

2020-05-12 Thread David Matthews
>David,
>
>That's good info in the article.  But my question was does the
>keytool-generated file expire as well when the underlying cert
>(LetsEncrypt or self-signed cert) expires?  Or can I simply renew the
>underlying cert without having to re-execute the keytool step each time
>the cert aut

Re: Keystore Renewal Policy?

2020-05-12 Thread Jerry Malcolm
I have a lot of customers that use Thunderbird, Outlook, iPhone, etc. to access their mail.  All of these scream if the certificate is expired. I'm not having any problems per se.  I use a three-step process with LetsEncrypt, openssl, and keytool.  Everything functions fine.  LetsEncrypt has a

Re: Keystore Renewal Policy?

2020-05-14 Thread David Matthews
Hi Jerry, I do take your point as I only offer webmail access. However, Debian (for instance) offers scripts as part of both its exim4 and dovecot packages, the purpose of which is to create certificates. I don't think they ever did that for Apache. So I can't see that they would do that if Outlook