Hi, how does automatic script with Zimbra?
I will be interested also to be able to use Let's Encrypt with a Zimbra server :).
Thank you, but
Failed authorization procedure. mx.sushi.ru (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client for DV :: Failed to connect to host for DVSNI challenge
IMPORTANT NOTES:
 - If you lose your account credentials, you can recover through
   e-mails sent to postmaster@sushi.ru.
 - The following 'urn:acme:error:connection' errors were reported by
   the server:
   Domains: mx.sushi.ru
   Error: The server could not connect to the client for DV
 - Your account credentials have been saved in your Let's Encrypt
   configuration directory at /etc/letsencrypt. You should make a
   secure backup of this folder now. This configuration directory will
   also contain certificates and private keys obtained by Let's
   Encrypt so making regular backups of this folder is ideal.
Same problem here. Did you find a solution?
Thanks
Well, in the case of @NorD the hostname mx.sushi.ru doesn't even have an IP address associated with it. So nothing can connect to it. I'm wondering if e-mails to the domain sushi.ru even arrive?
Anyway, just stating "same problem here" isn't getting you anywhere I'm afraid. The Let's Encrypt ACME server has multiple challenge systems and currently it uses the http-01 and/or tls-sni-01 challenge for the "live" server. This means there has to be an HTTP or HTTPS server (respectively) listening on port 80 and/or 443 on the hostname(s)/(sub)domain(s) you want a certificate for.
At the moment there's also a DNS challenge system being developed (so no need for accessibility on port 80 and/or 443), but this is currently in the "staging" server only (which doesn't generate "real" trusted certificates you can use). Also, it's not very well documented as far as I know and I've got no clue if it's implemented in the official client at all.
If your mailserver also runs a webserver, then you possibly could use that one. Depends on how you call your mailserver. You probably don't have a virtualhost called mx.yourdomain.tld on your webserver.
If your mailserver doesn't come with a webserver, you could use the standalone plugin, which acts as its own temporary webserver. But of course, the server should be reachable on port 80 and 443 from the internet for this to work.
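A preflight check for the two conditions described in the reply above (the hostname must resolve, and port 80 or 443 must accept connections), as an added example that is not part of the original thread or of the Let's Encrypt client. The function names are hypothetical, and the script only gives a meaningful answer when run from a machine outside your own network, since validation comes from the internet.

```python
import socket

# Challenge type -> TCP port the ACME server connects to, per the reply above.
CHALLENGE_PORTS = {"http-01": 80, "tls-sni-01": 443}

def resolve(host):
    """Return the sorted IP addresses the host resolves to (empty list if none)."""
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def port_open(addr, port, timeout=5.0):
    """True if a TCP connection to addr:port succeeds within the timeout."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False

def preflight(host, resolver=resolve, prober=port_open):
    """Report which challenge types could succeed for host.

    resolver and prober are injectable so the logic can be exercised offline.
    """
    addrs = resolver(host)
    report = {"host": host, "addresses": addrs, "usable": [], "problems": []}
    if not addrs:
        report["problems"].append(
            "no A/AAAA record: the ACME server has nothing to connect to")
        return report
    for challenge, port in CHALLENGE_PORTS.items():
        # Conservative assumption: every published address must answer,
        # because you do not choose which one the validator connects to.
        closed = [a for a in addrs if not prober(a, port)]
        if closed:
            report["problems"].append(
                f"{challenge}: port {port} closed on {', '.join(closed)}")
        else:
            report["usable"].append(challenge)
    return report

if __name__ == "__main__":
    import sys
    for name in sys.argv[1:]:
        print(preflight(name))
```

An empty `usable` list together with the "no A/AAAA record" problem corresponds to the mx.sushi.ru case diagnosed above.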