Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added note about caddy

This commit is contained in:
Erik Wramner 2020-05-04 08:01:53 +02:00
parent 5bb68e9905
commit 2e0284ded3
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
docs/content/config/security/ssl.md
View File

@ -20,6 +20,26 @@ To enable Let's Encrypt on your mail server, you have to:
You don't have anything else to do. Enjoy. You don't have anything else to do. Enjoy.
#### Pitfall with Caddy
If you are using Caddy to renew your certificates, please note that only RSA certificates work. Read [issue 1440](https://github.com/tomav/docker-mailserver/issues/1440) for details. In short the caddy file should look something like:
```
https://mail.domain.com {
tls yourcurrentemail@gmail.com {
key_type rsa2048
}
}
```
EC certificates fail in the TLS handshake:
```
CONNECTED(00000003)
140342221178112:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1543:SSL alert number 40
no peer certificate available
No client certificate CA names sent
```
#### Example using docker for letsencrypt #### Example using docker for letsencrypt
Make a directory to store your letsencrypt logs and configs. Make a directory to store your letsencrypt logs and configs.