Another Mail Server with same IP Address

ahmedvolks · May 19, 2019, 7:44pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
Ahmed

Hi! I have a mail server ubuntu 16.04 and I well replace it with ubuntu 18.04 using this tutorial:
https://www.exratione.com/2019/02/a-mailserver-on-ubuntu-18-04-postfix-dovecot-mysql/

Whe I arrived to the line:
Set Up an Automatically Renewed SSL Certificate with Let’s Encrypt

Note: I’m installing the new server with another Public IPaddress
I found that I’m lost in questions like:
1- What I well do with the current cert?
2- I’m I well install a cert on the new server with the temp DNS address instead of the current?
3- Am I going to face unauthorized nightmare?
4- Can I install a new cert on the backupmail.domain.com then when I shut down current server mail.domain.com I reinstall the cert from scratch to the new server?
5- In the future, If I build mail.domain.com and backupmail.domain.com as a running backup server, How I well do it?

ahmedvolks · May 20, 2019, 8:47am

Hi!
I wonder if someone read my topic. I’m waiting your reply when it be ready, but I used to your fast response.

Thanks for your efforts
Reda

ahmedvolks · May 24, 2019, 9:35am

Dear Team,
May I know if my post have and issue to understand to supply more information. Please let me know how do it.

orangepizza · May 24, 2019, 9:39am

certs will work of you copy to new server - but will other mail services (like gmail) follow your failover server? but that’s out of scope of this forum.

ahmedvolks · May 24, 2019, 9:44am

Thank you very much for your care You answered my important question and I well align with it, Have a nice day.

JuergenAuer · May 24, 2019, 9:47am

Hi @ahmedvolks

I don't really understand your question.

You can create one certificate and use it with different servers. The certificate has no information about the ip address, so you can use the same certificate with a lot of different ip addresses (backup servers).

Certificate creation -> distribute it to different servers.

But you should automate that - Letsencrypt certificates are only 90 days valid.

And your public dns entry yourdomain -> your ip is unique, so you may not be able to test it.

ahmedvolks · May 24, 2019, 10:01am

I’m sorry I not clear friends!
My mail server well retire soon, So I’m building another on. I understand now that I can take the cert files to the new server then run the renew as usual then add it to cronjob.
Good?

system · June 23, 2019, 10:01am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.