Install SSL Certificate for iRedMail

Suppose we have a signed SSL certificate, or we will receive it from Let’s Encrypt, as I described in this article:
Installing Certbot in Ubuntu

To install an SSL certificate for iRedMail, you need to specify it in the Dovecot, Postfix and Apache2 configuration.

Specify the certificate in Dovecot, to do this, open the configuration file in a text editor:

sudo nano /etc/dovecot/dovecot.conf

Find the lines:

ssl_cert = </etc/ssl/certs/iRedMail.crt
ssl_key = </etc/ssl/private/iRedMail.key

And change them to your certificate (say, from Let’s Encrypt):

ssl_cert = </etc/letsencrypt/live/
ssl_key = </etc/letsencrypt/live/

Now open the Postfix configuration:

sudo nano /etc/postfix/

Find the lines:

smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt
smtpd_tls_CAfile = /etc/ssl/certs/iRedMail.crt
smtpd_tls_CApath = /etc/ssl/certs

And change them to your certificate (say, from Let’s Encrypt):

smtpd_tls_key_file = /etc/letsencrypt/live/
smtpd_tls_cert_file = /etc/letsencrypt/live/
smtpd_tls_CAfile = /etc/letsencrypt/live/
smtpd_tls_CApath = /etc/letsencrypt/live/

Well, it remains to open the configuration of Apache2:

sudo nano /etc/apache2/sites-enabled/default-ssl.conf

Find strings:

SSLCertificateFile /etc/ssl/certs/iRedMail.crt
SSLCertificateKeyFile /etc/ssl/private/iRedMail.key

And change them:

SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/

To apply the changes, restart Dovecot, Postfix, Apache2 and make sure that they are successfully launched:

sudo service dovecot restart
sudo service postfix restart
sudo service apache2 restart
sudo service dovecot status
sudo service postfix status
sudo service apache2 status

This completes the installation of your SSL certificate for iRedMail.

See also my article:
How to renew SSL certificate on iRedMail

Leave a comment

Leave a Reply