Is there a set of steps I (and others) can use to add a mail server to an existing certificate installed with certbot?

For example the certbot certificates command outputs this,

Found the following certs:
   Certificate Name: testsite.com
     Domains: testsite.com www.testsite.com
     Expiry Date: 2020-04-12 21:20:31+00:00 (VALID: 86 days)
     Certificate Path: /etc/letsencrypt/live/testsite.com/fullchain.pem
     Private Key Path: /etc/letsencrypt/live/testsite.com/privkey.pem

What command adds a mail server to the certificate? For example mail.testsite.com.

What command did you use to generate your certificate? You should see a section that has -d testsite.com -d www.testsite.com and there you can add -d mail.testsite.com to generate a new certificate that has all three names on it.

Hi Jillian the problem is that throws an error. Is there an alternate command I should be using?

Also I should note that I have an MX record for my mailserver but according to the error it seems to be looking for an A record.

$ sudo certbot certonly --standalone -d mail.testsite.com

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mail.testsite.io
Waiting for verification…
Challenge failed for domain mail.testsite.io
http-01 challenge for mail.testsite.io
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

• The following errors were reported by the server:

  Domain: mail.testsite.io
  Type: dns
  Detail: DNS problem: NXDOMAIN looking up A for mail.testsite.io

Mx record means you will receive email by that domain: so you should also have a record for mail.testsite.io, as sender obviously need to know where that domain is.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.