I’ve installed mail in the box on a seperate server. I’ve set all the DNS records as per the instructions. I’ve set my subdomain to proxy through Cloudflare and I want to install the SSL certificate.
When I go to MiaB Install a certificate I press my subdomain, leave the country blank and copy the CSR Into Cloudlare’s certificates (I’ve tried creating both an Origin and Client certificate) however MiaB says there is a problem with both certs Cloudflare gives me.
Simply put, proxying the domain though cloudflare dns wouldn’t be something that is supported. It might work for things like roundcube, but ultimately mail servers speak TLS encryption to each other and I think this all needs to be the same valid cert.
Turn of the proxy dns in cloudflare. Use letsencrypt (like everyone else) and call it a day?
The box will renew the client certificate every 90 days on its own.
I never tried uploading a CSR from the box to cloudflare and seeing what it provides but honestly this is way out of the scope of this project. Its possible it works perhaps the certificate that cloudflare creates is the wrong format. it might need to be converted from whatever format it gives you to a different format. Can you explain what cloudflare gives you? P7B, CRT, etc? google that and see if you can convert it to a usable format.
MiaB has a setting to install your own certificate They give you a CSR and you can put a certificate in. I figured as I have my entire domain proxied through cloudflare this would work.
It doesn’t matter what format I get from cloudflare (pem / p7b) they both did not work in MiaB.
Yes, if need be I can just use lets encrypt and not proxy it through Cloudflare but this didn’t seem like the best option at first.