MIAB and SSL for website hosted on another server


#1

Hello Everyone,

I have installed MIAB on a fresh DO droplet installed all SSL certificates via Lets encrypt. configured all the Nameserver , DNS records and glue records. say domain Example1 and MIAB host name is box.example1

Now I want I want to have one of my website (example2) which resides on another droplet and want to configure MIAB with the above installation. So for this

I will change the name server of the (example2) to the (box.example1)
2) now when I configure MIAB mail for user of the (example2) mail - then where do i need to configure SSL certificate in (box.example1) or in (example2) via lets encrypt.

I am bit confused as where to set the SSL certificate or if I am doing this the other way.

Thanks for all the help in advance.

Manish.


#2

Please let me clarify that I follow completely … you are running a web server on a different DO droplet for domain example2.com … am I right so far?

If you wish for MiaB to handle the DNS for the domain, yes you will need to change the name servers at the domain registrar to ns1 and ns2.box.example1.com.

Or if you want to continue using your existing DNS set up you may. Doing so is called “External DNS” in MiaB terms and is perfectly acceptable. If you use your present DNS service, you will need to copy the records generated by MiaB as shown on the “External DNS” page of the admin area to your present DNS service.

As far as mail delivery is concerned, etc. You do not need a SSL certificate for the domain example2.com. So there is NO configuration required for SSL on the server running MiaB.

You do of course want to have https on your website for example2.com and to do that you would install and use Let’s Encrypt on that DO droplet.


#3

Thanks a lot @alento, this make much sense to me now.

Just to clarify:

If I continue using external DNS and copy all the records to my Digital Ocean (now my DNS is in DO for example2.com) - then I don’t need install postfix on my example2.com server just like mentioned in advanced configuration of MIAB “Relaying For Other Machines”

For clarification - I want to use SMTP for example2.com for sending email via the website.

Thanks,
Manish


#4

Ok, you have added a new variable …

Where DNS records are hosted have no importance in what you want to achieve.

What is important is that you configure postfix on the other machine to relay through your MiaB. So follow the instructions that you referenced, including installing postfix. I do believe that you will ignore #5 in the instructions as they do not apply (your MiaB does not use a self-signed certificate).


#5

Thanks @alento now understood your point.

Another clarification - if I use MIAB nameserver in example2.com - even then I need to install postfix on example.com to be able to use SMTP?

What would I need to when I use nameserver box.example1.com for example2.com?

I am trying to escape installation of postfix somehow :wink: as once I installed it did not worked as expected.

Thanks.


#6

If you are going to send email from server2, you must have a MTA (mail transfer agent) to actually send it with (postfix, sendmail, etc.), installed on the second DO droplet. There is no way around this.

Is this a typo???

You already have postfix on example1.com (MiaB) … so what are you asking?

Change the name servers with the domain registrar from ns1. ns2. and ns3.digitalocean.com to ns1. and ns2.box.example1.com, and add the A record for the website in Custom DNS in the admin area of your MiaB. Remember that you most likely want to set the A record for both the naked domain example1.com and www.example1.com.


#7

Thanks a ton @alento for all these explanations. Now I am able to understand the things clearly.

I will implement all these steps and see how it goes.

Thanks again.


#8

@alento do you know how any guide for " Relaying For Other Machines" as the one mentioned in Mail-in-a-Box Advanced Configuration is relevant for ubuntu 14 but I am using ubuntu 18.04 and installation and configuration have much different screens.

Also I was unable to understand how and where to setup the relay password and what option to choose in the postfix installation screen…

I somehow completed the installation without taking any screenshots and tested the by sending a test email but nothing happened :frowning:

Any help would be highly appreciated.

Thanks,
Manish.


closed #9

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.