X-Default-Received-SPF: pass (skip=loggedin (res=PASS)) x-ip-name=115-188-36-87-adsl.sparkbb.co.nz;
X-Received: from [192.168.1.73] (115-188-36-87-adsl.sparkbb.co.nz [115.188.36.87])
by netwin.co.nz (SurgeMail 7.3j) with ESMTP (TLS) id 2084741-1391920
for <surgemail-list@netwin.co.nz>; Fri, 17 Aug 2018 05:17:00 +0000
X-Return-Path: surgemail-support
Subject: Re: [SurgeMail List] Using Webservers Lets Encrypt Certificate
To: surgemail-list@netwin.co.nz
References: <840d3133-fdc8-d1a0-9db4-a82cc44367e7@easent.net>
<3ca5615e-af0f-c41c-4a8c-e013f61c3732@LaserPlus.de>
<53796be7-6718-6748-0a42-3390287e9e40@LaserPlus.de>
<2e48bb5b-a090-6bf1-5a57-063b7805dfc1@netwinsite.com>
<f2e07386-6964-d6e4-e121-48fa0f908db4@LaserPlus.de>
From: Surgemail Support
Message-ID: <a5b4b475-242d-a84f-dac1-596dd4b41a63@netwinsite.com>
Date: Fri, 17 Aug 2018 17:16:56 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <f2e07386-6964-d6e4-e121-48fa0f908db4@LaserPlus.de>
Content-Language: en-US
X-Authenticated-User: surgemail-support
X-Rcpt-To: <surgemail-list@netwin.co.nz>
X-SpamDetect: : 0.000000
X-Info: aspam skipped due to (g_smite_skip_relay)
X-Encryption: SSL encrypted
X-IP-stats: Incoming Last 0, First 0, in=31, out=0, spam=0 ip=115.188.36.87
List-Unsubscribe: <mailto:surgemail-list-leave@netwin.co.nz?subject=unsubscribe>
X-Mailing-List: surgemail-list@netwin.co.nz
List-ID: <surgemail-list@netwin.co.nz>
Precedence: bulk
Reply-To: surgemail-list@netwin.co.nz
Content-Transfer-Encoding: 8bit
Content-Transfer-Encoding: 8bit
You mean after copying the certificate file? BAsically if it
fails to respond on the secure ports it is usually because it's
got a faulty certificate that it cannot read or doesn't match it's
private key file.
If you are copying them from your webserver you need
surge_cert.pem (the certificate, and chain certs), and
surge_priv.pem (the private key file).
Then restart surgemail, and check mail.err to see if it loaded
those ok.
(or tellmail ssl_reload on recent versions will also tell you
something about if it can load the certificate file ok)
ChrisP.
On 17/08/2018 5:02 PM, Stephan Koenig
wrote:
(in theory) Just setup a cron job that coppies the certificates into the
surgemail folder/file (surgemail/ssl/surge_cert.pem) and issues a
tellmail ssl_reload
Thanks Chris.
I can't get a response from https://myserver:7025
- not even on the local system and on testing with telnet.
Same for Webmail on port 7443
Anything else I need to turn on?
(I believe the 143 is incorrect)
g_manager_secure_port - Manager secure port (default
143)
This should be the
main server management port and provides a secure server
management connection. By default it is port 7025. https://your.mail.server:7025.
Use the keyword 'disabled' to disable this part of the SurgeMail
service.
Syntax:
g_manager_secure_port int