Hi, how does the automatic script work with Zimbra?
I would also be interested in being able to use Let’s Encrypt with a Zimbra server :).
Thank you, but
Failed authorization procedure. mx.sushi.ru (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client for DV :: Failed to connect to host for DVSNI challenge
If you lose your account credentials, you can recover through
e-mails sent to email@example.com.
The following ‘urn:acme:error:connection’ errors were reported by
Error: The server could not connect to the client for DV
Your account credentials have been saved in your Let’s Encrypt
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Let’s
Encrypt so making regular backups of this folder is ideal.
Same problem here. Did you find a solution?
Well, in the case of @NorD the hostname mx.sushi.ru doesn’t even have an IP address associated with it. So nothing can connect to it. I’m wondering if e-mails to the domain sushi.ru even arrive?
Anyway, just stating “same problem here” isn’t getting you anywhere I’m afraid. The Let’s Encrypt ACME server has multiple challenge systems and currently it uses the tls-sni-01 challenge for the “live” server. This means there has to be an HTTP or HTTPS (respectively) listening on port 80 and/or 443 on the hostname(s)/(sub)domain(s) you want a certificate for.
At the moment there’s also a DNS challenge system being developed (so no need for accessibility on port 80 and/or 443 required), but this is currently in the “staging” server only (which doesn’t generate “real” trusted certificates you can use). Also, it’s not very well documented as far as I know and I’ve got no clue if it’s implemented in the official client at all.
If your mailserver also runs a webserver, then you possibly could use that one. Depends on how you call your mailserver. You probably don’t have a virtualhost called mx.yourdomain.tld on your webserver.
If your mailserver doesn’t come with a webserver, you could use the standalone plugin, which acts as its own temporary webserver. But of course, the server should be reachable on port 80 and 443 from the internet for this to work.
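
Added example, not part of the thread and not Let's Encrypt client code: a pre-flight check for the two conditions the last reply describes, namely that the hostname has an address record and that ports 80 and 443 accept connections. `preflight` and its parameters are hypothetical names; the check connects from the machine it runs on, so run it from a host outside your own network to see what the validation server would see.

```python
import socket


def preflight(hostname, ports=(80, 443), timeout=5.0, resolve=socket.getaddrinfo):
    """Check the preconditions for a connection-based domain validation.

    Returns a dict with the resolved addresses and which ports accepted a
    TCP connection. `resolve` is injectable so the check can be tested offline.
    """
    result = {"resolves": False, "addresses": [], "open_ports": [], "closed_ports": []}
    try:
        infos = resolve(hostname, None, type=socket.SOCK_STREAM)
    except socket.gaierror:
        # The situation described in the thread: the name has no IP address,
        # so nothing can connect to it, whatever is listening locally.
        result["closed_ports"] = list(ports)
        return result

    addresses = sorted({info[4][0] for info in infos})
    result["resolves"] = bool(addresses)
    result["addresses"] = addresses

    for port in ports:
        for addr in addresses:
            try:
                # A completed TCP handshake is enough; no data is sent.
                with socket.create_connection((addr, port), timeout=timeout):
                    result["open_ports"].append(port)
                    break
            except OSError:
                continue  # refused, filtered or timed out: try the next address
        else:
            result["closed_ports"].append(port)
    return result


if __name__ == "__main__":
    # Constructed demonstration on loopback: one listening port, default 80/443.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    print(preflight("127.0.0.1", ports=(port, 80, 443), timeout=2))
    listener.close()
```

A name that fails to resolve, or a port listed under `closed_ports`, corresponds to the `urn:acme:error:connection` failure shown in the client output above.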