nodemailer/wildduck
1
1
Fork 0
mirror of https://github.com/nodemailer/wildduck.git synced 2024-12-27 02:10:52 +08:00
Code Issues Projects Releases Packages Wiki Activity
wildduck/docs/in-depth/acme-certificates.md
Andris Reinman 21c5dccceb docs typo
2021-06-22 15:25:08 +03:00

1.1 KiB
Raw Permalink Blame History

ACME Certificates

WildDuck is able to manage SNI certificates with Let's Encrypt or any other ACME compatible certificate authority.

Requirements to use auto-renewing SNI certificates:

  • SNI certificates are used by IMAP, POP3, WildDuck API, and SMTP servers. MX and Webmail servers are not covered by this.
  • Each server that a SNI hostname resolves to must have either WildDuck API or ACME agent running on port 80
  • When using SNI you still have to set up some default certificates in the config file. These could be self-signed though as WildDuck prefers SNI certs whenever possible
  • You must register ACME SNI certificates via /certs API endpoint with the following configuration:
curl -XPOST http://localhost:8080/certs -H 'content-type:application/json' -d'{
    "servername": "imap.example.com",
    "acme": true
}'

The example above expects WildDuck ACME agent running on port 80 in every IP address that imap.example.com resolves to