nowiresltd
Verified User
- Joined
- Oct 6, 2014
- Messages
- 6
Hi all
I have tried on and off for a few weeks to try and get IMAP / POP3 and SMTP to work with the Let's Encrypt SSLs, which work just fine for HTTP(S).
I have followed this - https://www.directadmin.com/features.php?id=2019 on two different systems with fresh domains (one system is Debian and the other CentOS).
I get the same result on both.
openssl s_client -connect mail.domain2:465 -crlf
openssl s_client -connect mail.domain2:993 -crlf
openssl s_client -connect mail.domain2:25 -starttls smtp
They always return the localhost (self signed cert)
/usr/local/directadmin/directadmin c | grep sni
enable_ssl_sni=1
mail_sni=1
/usr/local/directadmin/directadmin c | grep letsen
letsencrypt=1
letsencrypt_renewal_days=60
letsencrypt_renewal_failure_notice_after_attempt=5
letsencrypt_disable_renew_after_renew_failure=0
letsencrypt_max_requests_per_week=100
letsencrypt_multidomain_cert=2
letsencrypt_renewal_success_notice=0
letsencrypt_renewal_notice_to_admins=1
letsencrypt_renewal_error_to_users=1
renew_letsencrypt_on_suspended_domain=0
letsencrypt_account_email=0
letsencrypt_list=www:mail:ftpop:smtp
letsencrypt_list_selected=www
cat /etc/dovecot/conf.d/95-sni.conf
!include_try /etc/dovecot/conf/sni/*.conf
ll /etc/dovecot/conf/sni/*.conf
-rw-r--r-- 1 root root 1336 Jul 14 09:57 /etc/dovecot/conf/sni/domain1.conf
-rw-r--r-- 1 root root 594 Jul 14 09:57 /etc/dovecot/conf/sni/domain2.conf
-rw-r--r-- 1 root root 1174 Jul 14 09:57 /etc/dovecot/conf/sni/domain3.conf
cat /etc/dovecot/conf/sni/domain2.conf
local_name mail.domain2 {
ssl_cert = </usr/local/directadmin/data/users/admin/domains/domain2.cert.combined
ssl_key = </usr/local/directadmin/data/users/admin/domains/domain2.key
}
local_name domain2 {
ssl_cert = </usr/local/directadmin/data/users/admin/domains/domain2.cert.combined
ssl_key = </usr/local/directadmin/data/users/admin/domains/domain2.key
}
local_name www.domain2 {
ssl_cert = </usr/local/directadmin/data/users/admin/domains/domain2.cert.combined
ssl_key = </usr/local/directadmin/data/users/admin/domains/domain2.key
}
Anything I have missed?
Thanks in advance.
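A check that could follow the post above, as an added example that is not part of the original post or of DirectAdmin's own code: it parses local_name blocks in the layout shown, flags ssl_cert / ssl_key values that are missing or lack Dovecot's "<" file prefix, and builds s_client probes that pass -servername (the commands in the post omit it, and s_client in OpenSSL releases before 1.1.1 sends no SNI without it). The sample config and the function names are constructed for illustration, and one hostname per local_name block is assumed.

```python
import re

# Constructed sample in the same layout as the domain2.conf shown in the post;
# the second block is deliberately broken to exercise the audit.
SAMPLE_CONF = """\
local_name mail.domain2 {
ssl_cert = </usr/local/directadmin/data/users/admin/domains/domain2.cert.combined
ssl_key = </usr/local/directadmin/data/users/admin/domains/domain2.key
}
local_name domain2 {
ssl_cert = /usr/local/directadmin/data/users/admin/domains/domain2.cert.combined
}
"""

BLOCK_RE = re.compile(r"local_name\s+(\S+)\s*\{(.*?)\}", re.S)
SETTING_RE = re.compile(r"^\s*(ssl_cert|ssl_key)\s*=\s*(.+?)\s*$", re.M)


def parse_sni_blocks(text):
    """Return {hostname: {"ssl_cert": value, "ssl_key": value}} per local_name block."""
    return {name: dict(SETTING_RE.findall(body)) for name, body in BLOCK_RE.findall(text)}


def audit(blocks):
    """List problems that would stop Dovecot serving the intended certificate."""
    problems = []
    for name, settings in blocks.items():
        for key in ("ssl_cert", "ssl_key"):
            value = settings.get(key)
            if value is None:
                problems.append(f"{name}: {key} missing")
            elif not value.startswith("<"):
                # Without '<' Dovecot treats the value as the PEM text itself, not a file path.
                problems.append(f"{name}: {key} lacks '<' file prefix")
    return problems


def sni_probe_commands(blocks, port=993):
    """One s_client probe per configured name, each sending that name as SNI."""
    return [f"openssl s_client -connect {n}:{port} -servername {n} -crlf" for n in blocks]


if __name__ == "__main__":
    blocks = parse_sni_blocks(SAMPLE_CONF)
    for line in audit(blocks) + sni_probe_commands(blocks):
        print(line)
```

Comparing the certificate subject returned by a probe with -servername against one without it shows whether the server is selecting certificates by SNI or always falling back to its default.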