[BlueOnyx:26884] Re: Let's Encrypt

[Michael Stauber]

Hi Roy,

> Initially I used the GUI to grab a Let’s Encrypt cert and it works great 
> for www.domain.com, but it didn’t encrypt mail.domain.com
> 
> I have tried a few configurations such as removing the Email aliases and 
> adding them as web aliases, but I seem to have issues with mail delivery 
> in that config.

Say you have a Vsite named www.company.com

Give it the following "Web Server Aliases":

company.com
mail.company.com

Then give it the same "Email Server Aliases", too:

company.com
mail.company.com

Then go to "SSL" on that Vsite, click on the "Let's Encrypt" button and 
scroll down until you find "SSL domain aliases". It's a table with two 
columns and on the LEFT side of it you will see all "Web Server Aliases" 
which will be included in the validity of the SSL certificate.

It will probably show "company.com" already on the left side of this 
table and it may have "mail.company.com" on the right side of the table.

Move everything to the left, then fill in the other blanks such as the 
"Contact Email" address and make sure to tick "Request or Renew 
Certificate" and hit save.

That will then request a new SSL certificate with validity for 
www.company.com (the FQND of the Vsite) and all Web Server Aliases which 
you had move to the left side of the table "SSL domain aliases".

The resulting SSL certificate will then cover everything.

-- 
With best regards

Michael Stauber