I decided to configure my Dovсot and Postfix to use a certificate from Let’s Encrypt. But the problem is that our site is hosted, and the mail server is located on our local server. In addition, I do not control our site, another person is engaged in this, and I do not want to involve him in this task. For the same reason, I do not want to use the existing certificate of our site.
But I control our domain. Thus, judging by the user guide, I can generate a certificate on our local server using the following command:
certbot -d alkiv.ua --manual --preferred-challenges dns certonly
At some stage, the utility asks to add DNS TXT record to the domain. The question is: will I need to manually correct this text entry each time the certificate is updated? Or does it need to be done only once?
My domain is:
alkiv.ua
I ran this command:
certbot -d alkiv.ua --manual --preferred-challenges dns certonly
It produced this output:
Please deploy a DNS TXT record under the name
_acme-challenge.alkiv.ua with the following value:
some_symbols
My web server is:
I do not have a web server. I want to use a certificate for our mail server.
The operating system is:
Dovecot and Postfix runs on FreeBSD 11.3.
I can login to a root shell on my machine:
Yes.
I’m using a control panel to manage my site:
No.
The version of my client is:
certbot 1.2.0