NGINX uses self-signed cert instead of Let’s Encrypt one
Fourth try creating a new iRedMail server on CentOS 7.6.
First time using NGINX. Stuck getting Let’s Encrypt certificate to present.
Error: “Could not automatically find a matching server block. Set the server_name directive to use the Nginx installer.”
Then created /etc/nginx/conf.d/FQDN.conf.
Re-ran: 1: Attempt to reinstall this existing certificate. Still failed to install.
Are a couple possible conf files to make. Which to use?
2 Replies
I ran through the installation using a similar environment (CentOS 7, iRedMail-0.9.8) using the following iRedMail guides:
I found a conflict between the CertBot installation instructions and the iRedMail documentation. Specifically with the following command:
$ sudo certbot --nginx
This can cause a lot of havoc with an iRedMail installation, and is warned about in their official documentation.
certbot program offers argument --apache and --nginx to modify Apache/Nginx config files directly, they mess up iRedMail configurations, please do not use these 2 arguments.
I would recommend a clean install of CentOS and iRedMail for best results rather than hunting for affected configuration files.
Avoiding the aforementioned issue, I was able to successfully setup Let's Encrypt for use with iRedMail.
Thanks emaggitt. That iRedMail link had the commands needed.
Expect that to be the last stumbling block.
Setup 0.9.9, which came out today.
This server was to replace 0.9.5 I setup a few years ago. linode2531027.
Used Apache then. Did not have steps such as those above as I remember. No certbot then as I remember. Did use many pages in docs.iredmail.org. Good for whitlisting. Changing values to mark mail spam or clean.
Had to install Fail2Ban ourselves.
Thanks again. Onto the next steps.