I am unable to run the LetsEncrypt auto SSL generator because I am running MIAB on a separate server from my webserver (running LetsEncrypt provides an error saying that www.domain.com does not point to the same IP as the mail server. This is correct because that’s true). If we could choose which domains we want to install the certificate on, this may help this particular issue. Since I am unsure of everything that needs to be modified, I have not installed the certificate manually.
So, with the issue of LetsEncrypt, I have tried a couple of different signing authorities (Comodo & sslforfree) to test installing a certificate by using the CSR. Through both, I get an error stating
There is a problem with the certificate. error /tmp/tmprhxkmnfp.pem: verification failed
I am using AWS to run my servers, so I typically use the AWS Certificate Manager for webserver security. With that said, I’m unable to run DNSSEC. Being that I’ve used iRedMail before, I have been introduced to a number of new DNS settings though (under System -> External DNS). Are these all necessary? And with that said, and my DNS settings hosted in AWS, I am unable to use the provided DKIM DNS settings as I’m told the TXT value is too long.
If anyone has questions, send me a message on Telegram @MainelySoftware
This will help clean up chat, and then answers can be provided here.