Cert for smtp-only systyem


#1

how to i get a cert for a mail server that does not have a web server? i just spent half an hour searching the net of a thousand lies to no avail.


#2

You can use the standalone mode to run a temporary web server, or use a client that supports the dns-01 challenge.


#3

i normally use acme_tiny.py because i will not run 100kg of code with root privs. got a client that does the fake.temp server without root? e.g. using dns to prove control?


#4

You can’t do a temp server without root as it needs ports <1024.

For the DNS challenges you can use letsencrypt.sh with an appropriate hook.