My problem is how to create the certificate let's encrypt SSL


#1

Hello I have a problem, how to create the certificate SSL let’s encrypt for Postfix and Dovecot?
I have detected several problems and some tutorials that I have read do not work either, I have tried with:
certbot certonly --standalone -d mail.domain1.com -d mail.domain2.com -d mail.domain3.info
certbot: error: unrecognized arguments: --standalone
certbot certonly --nginx -d mail.domain1.com -d mail.domain2.com -d mail.domain3.info
it does not work because it does not give me a valid certificate when it comes to working with it, thunderbird gives it to me as invalid, what do I do? I suppose I’ll have to create it somehow.
It is possible that it works with this command:
certbot certonly --cert-name -d domain1 -d domain2 -d domain3


#2

Please read your previous threads:

As written there:

You have already 3 active and valide certificate with mail.gamesyap.com as domain name, created yesterday.

So you have your certificates. Using the link @rg305 has posted there are a lot of samples how to use certificates with Postfix and Dovecot.


#3

Thank you for your help!
I have asked why I do not know how to make a certificate work with encrypted email and I searched and searched the search engine but I have not found the right answer to my problem and I have the problem with certificates let’s encrypt because the server postfix and dovecot they work what does not work for me is let’s encrypt and that’s why I ask.
What would you do if it is a service that you need to have and it will not work for you? probably ask, so good thank you very much for answering me and I will see if it helps me what the man that you have put me


#4

Hi @techcomputerworld,

Currently, Certbot doesn’t install its certificates into mail server applications like Postfix and Dovecot. The certificates that Certbot obtains are valid for use with those applications, but Certbot does not configure the mail server applications for you. You have to edit their configuration files to refer to the certificates that you’ve received.

As @JuergenAuer noted, you’ve created other forum threads to talk about your problems and using those threads is more appropriate than creating more threads. So I’m going to close this thread and suggest that you use one of the other threads.

In order to get useful help on the forum, it’s really important for you to mention your specific domain name and also the specific error message that you received, not just say that something doesn’t work. It’s almost impossible to diagnose problems like this without a specific error. Ideally, you can quote the actual error message in the actual words that the software used. For example, if you tried to connect to your mail server with Microsoft Outlook and it said “Error: certificate for mailservice.example.com port 993 is expired”, posting that exact text on the forum will help you get a much better answer much faster.

Thanks! I hope we’ll be able to figure out your problems in another thread.


#5