Another Mail Server with same IP Address

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
Ahmed

Hi! I have a mail server ubuntu 16.04 and I well replace it with ubuntu 18.04 using this tutorial:
https://www.exratione.com/2019/02/a-mailserver-on-ubuntu-18-04-postfix-dovecot-mysql/

Whe I arrived to the line:
Set Up an Automatically Renewed SSL Certificate with Let’s Encrypt

Note: I’m installing the new server with another Public IPaddress
I found that I’m lost in questions like:
1- What I well do with the current cert?
2- I’m I well install a cert on the new server with the temp DNS address instead of the current?
3- Am I going to face unauthorized nightmare?
4- Can I install a new cert on the backupmail.domain.com then when I shut down current server mail.domain.com I reinstall the cert from scratch to the new server?
5- In the future, If I build mail.domain.com and backupmail.domain.com as a running backup server, How I well do it?

Hi!
I wonder if someone read my topic. I’m waiting your reply when it be ready, but I used to your fast response.

Thanks for your efforts
Reda

Dear Team,
May I know if my post have and issue to understand to supply more information. Please let me know how do it.

certs will work of you copy to new server - but will other mail services (like gmail) follow your failover server? but that’s out of scope of this forum.

Thank you very much for your care :slight_smile: You answered my important question and I well align with it, Have a nice day.

Hi @ahmedvolks

I don't really understand your question.

You can create one certificate and use it with different servers. The certificate has no information about the ip address, so you can use the same certificate with a lot of different ip addresses (backup servers).

Certificate creation -> distribute it to different servers.

But you should automate that - Letsencrypt certificates are only 90 days valid.

And your public dns entry yourdomain -> your ip is unique, so you may not be able to test it.

1 Like

I’m sorry I not clear friends!
My mail server well retire soon, So I’m building another on. I understand now that I can take the cert files to the new server then run the renew as usual then add it to cronjob.
Good?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.