Certificate for 3rd party mail server in subdomain

Our web hosting is on one server, and our email service is from a provider on a different server.

I need to create a certificate to install on the mail server, where I have no shell access and there is no web server.

I wouldn’t have this problem if the email server presented a certificate valid for a domain that points to that server, but they don’t.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: cataloochee.com mail.cataloochee.com

email provider is vmsol.com (mail.vmsol.com)

How would you install the certificate if you don’t have root shell access?

There is a means for installing a certificate provided.

You could use the dns-01 challenge on any computer to get a certificate. That would require access to the DNS zone of the hostname of course.

You are giving me hope. Thanks!

Do I have to create a DNS record for mail.cataloochee.com to create a certificate for that subdomain, or can another be created for the purpose of authentication? I ask because mail.cataloochee.com is currently in use, and modifying it substantially would disrupt service to users.

Never mind. I found dns-01 in the docs.

Thanks again!

1 Like

The dns-01 challenge requires to put a TXT record on the _acme-challenge subdomain (if I’m not mistaken, could be something slightly different) of the hostname you want a certificate for.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.