Generating certificates for mail servers


Can Let’s Encrypt be use to generate certificates for use with email servers? In my particular case, I would like to improve upon the certificates I generate with TinyCA2 and use with Dovecot. These certificates allow my mail clients to securely connect to the mail server running imaps.



Yes, any kind of TLS server would be fine. Solving the ACME challenge currently requires spinning up at least a temporary web server on port 80 or 443. In the future, verification via DNS will be an option too.


Note that you don’t need to actually set up a full web server if you don’t want. There’s a built-in “standalone” option in the official client that will work fine. All you need to do is make sure that port 80 isn’t blocked so the verification can complete.