Proper Name for Chain Cert


#1

Hey guys, im a complete newb at SSL and basically everything else with this project. I am hoping you can help me. I actually used SSLforFree for my cert instead of letsencrypt because I wasnt exactly sure how to use letsencrypt.

So I am following the 2014 mail server setup guide on arstechnica. I purchased a domain to test with, and I’m just trying to learn here (not actually going to leave this mail server running or use it). I have it setup on a vultr VPS with ubuntu 18.04

The guide covers using certs from another CA. I have accomplished getting both the private key and the cert into the correct directory and now I am trying to create my chain cert. However, the “name” of the file, which in the guide is downloaded with wget, is from the other CA’s website. What Im trying to figure out is if it matters what I name the cert file, since I am just using it to make a chain anyway. (seeing as how all teh other cert names had proper server names, Im assuming the file name does matter) I can make the file, and paste the data into it, but I just not sure about the name. Here is the guide im using, and the instructions im stuck at are a few paragraphs from the bottom.

I could really use some direction if anyone is willing to point! thanks!!.


#2

The filename won’t make any difference. As long as you match the format expected by the server (PEM, DER, PFX, whatever), you’re all good.


#3

Thank you for your reply. I went ahead and tried using the same name, and got to the very next step and had even more of a problem (trying to decrypt the private key with openssl) Im moving on to a guide to use Iredmail. I think that might be a little bit easier with my level of knowledge. but thanks for your input.


#4

Getting an LE cert from Ubuntu 18.04 system should be extremely simple.
Provided:

  • DNS resolves the requested name(s) to your IP.
  • Port 80 is open and can reach your system at that IP (today 443 may also work… but not for long)

Once you have an LE cert, applying it to Dovecot is pretty straightforward.
See: https://wiki.dovecot.org/SSL/DovecotConfiguration