Happy Weekend to ALL.
let me start by saying thanks to all the hard work you guys/girls put into Sentora.
I've spent the last 2 days wading through endless posts & threads
all asking the same question with different answers.
Could not fing a strainght forward guide...
I also done hundreds of searches on the forum for the simple answer..
this is what i've done so far is:
1. used this thread http://forums.sentora.org/showthread.php?tid=2535
(Secure Sentora Domains with Let's Encrypt)
to get cert for
mail.123hosting.tk
2. used this thread http://forums.sentora.org/showthread.php?tid=46
(Ubuntu: How to setup TLS on postfix and dovecot)
started at no3
4: find # tls config and added
smtp_use_tls = no
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtpd_tls_key_file = /etc/letsencrypt/live/mail.123hosting.tk/privkey.pem
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.123hosting.tk/cert.pem
smtpd_tls_CAfile = /etc/letsencrypt/live/mail.123hosting.tk/fullchain.pem
and removed what was there before![Smile]( "Smile")
------------------------------------------------
5: edit master.cf (did what the guide said)
------------------------------------------------
6: configure Dovecot
Code:
and changed
and added this below it:
ssl_key = </etc/letsencrypt/live/mail.123hosting.tk/privkey.pem
ssl_cert = </etc/letsencrypt/live/mail.123hosting.tk/cert.pem
ssl_ca = </etc/letsencrypt/live/mail.123hosting.tk/fullchain.pem
Code:
CHECKED at
http://www.checktls.com/perl/TestReceiver.pl
EVERYTHING Green OK apart from CERT failed
this is error in report :
![[Image: TLS-supportat123hosting.tk-Error.png]]()
Hopefully one of the more experience members of this forum / sentora project can help this newbie...
beleive me I do appreciate all the help and guidance i've receieved so far and once i can get my sentora into production not on a grand scale.. I will more than happily donate some to the cause
?Thanks![Smile]( "Smile")
P.S this is the developement domain i'm using until it works stable. then i will be go-daddy domain on production set up![Smile]( "Smile")
let me start by saying thanks to all the hard work you guys/girls put into Sentora.
I've spent the last 2 days wading through endless posts & threads
all asking the same question with different answers.
Could not fing a strainght forward guide...
I also done hundreds of searches on the forum for the simple answer..
this is what i've done so far is:
1. used this thread http://forums.sentora.org/showthread.php?tid=2535
(Secure Sentora Domains with Let's Encrypt)
to get cert for
mail.123hosting.tk
2. used this thread http://forums.sentora.org/showthread.php?tid=46
(Ubuntu: How to setup TLS on postfix and dovecot)
started at no3
Code:
nano /etc/postfix/main.cf4: find # tls config and added
smtp_use_tls = no
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
smtpd_tls_key_file = /etc/letsencrypt/live/mail.123hosting.tk/privkey.pem
smtpd_tls_cert_file = /etc/letsencrypt/live/mail.123hosting.tk/cert.pem
smtpd_tls_CAfile = /etc/letsencrypt/live/mail.123hosting.tk/fullchain.pem
and removed what was there before
------------------------------------------------
5: edit master.cf (did what the guide said)
------------------------------------------------
6: configure Dovecot
Code:
Code:
nano /etc/dovecot/dovecot.confand changed
Code:
ssl = no to ssl = yesssl_key = </etc/letsencrypt/live/mail.123hosting.tk/privkey.pem
ssl_cert = </etc/letsencrypt/live/mail.123hosting.tk/cert.pem
ssl_ca = </etc/letsencrypt/live/mail.123hosting.tk/fullchain.pem
Code:
Code:
service postfix restart
service dovecot restartCHECKED at
http://www.checktls.com/perl/TestReceiver.pl
EVERYTHING Green OK apart from CERT failed
this is error in report :
![[Image: TLS-supportat123hosting.tk-Error.png]](http://123hosting.tk/files/images/TLS-supportat123hosting.tk-Error.png)
Hopefully one of the more experience members of this forum / sentora project can help this newbie...
beleive me I do appreciate all the help and guidance i've receieved so far and once i can get my sentora into production not on a grand scale.. I will more than happily donate some to the cause
?Thanks
P.S this is the developement domain i'm using until it works stable. then i will be go-daddy domain on production set up