Can the SSL certificate created by certbot be used by an email program for secure connections?
Let’s Encrypt certificates can be used by email servers to provide secure SMTPS/IMAPS/POP3S/etc services, yes.
If it can use a paid cert, it can use the free LE cert - just the same.
[well except for the fees]
I was fairly sure that would be an acceptable use.
Are there instructions for creating a cert when there is no website for the challenge phase?
There are ACME clients that can do that for you.
Please review from the available options:
There is now even a Beta Certbot for Windows:
As always, if you have any question: We are here for that too
To be clear, although the default validation is via HTTP, you are not required to have an operational web site to obtain an LE cert.
[that would makes thing easier - but not a requirement]
Most ACME clients are designed to work well with existing web servers and that is their main use.
But they can also obtain certs via DNS authentication or even by spinning up their own temporary web service. If your external IP can reach, or be made to reach, any system via port 80, that is an easy option to implement.
Once you have the cert it can be used by a variety of systems.
If you are using an email system like MS Exchange, pay close attention to the required names to be included in the cert (i.e. SAN [Subject Alternate Names]). LE certs can hold up to 100 SAN entries - so that should be way more than anything one email server should ever need.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.