Update firststeps-ssl.md
Dieser Commit ist enthalten in:
Ursprung
7bf1e938e9
Commit
ad775558d3
1 geänderte Dateien mit 9 neuen und 4 gelöschten Zeilen
|
@ -31,7 +31,7 @@ A wildcard name like `autoconfig.*` will try to obtain a autoconfig.DOMAIN_NAME
|
||||||
|
|
||||||
Run `docker-compose up -d` to recreate affected containers automatically.
|
Run `docker-compose up -d` to recreate affected containers automatically.
|
||||||
|
|
||||||
## Validation errors and how to skip validation
|
### Validation errors and how to skip validation
|
||||||
|
|
||||||
You can skip the **IP verification** by setting `SKIP_IP_CHECK=y` in mailcow.conf (no quotes). Be warned that a misconfiguration will get you ratelimited by Let's Encrypt! This is primarily useful for multi-IP setups where the IP check would return the incorrect source IP. Due to using dynamic IPs for acme-mailcow, source NAT is not consistent over restarts.
|
You can skip the **IP verification** by setting `SKIP_IP_CHECK=y` in mailcow.conf (no quotes). Be warned that a misconfiguration will get you ratelimited by Let's Encrypt! This is primarily useful for multi-IP setups where the IP check would return the incorrect source IP. Due to using dynamic IPs for acme-mailcow, source NAT is not consistent over restarts.
|
||||||
|
|
||||||
|
@ -41,11 +41,16 @@ You can also skip this validation method by setting `SKIP_HTTP_VERIFICATION=y` i
|
||||||
|
|
||||||
If you changed a SKIP_* parameter, run `docker-compose up -d` to apply your changes.
|
If you changed a SKIP_* parameter, run `docker-compose up -d` to apply your changes.
|
||||||
|
|
||||||
## Disable Let's Encrypt function
|
### Disable Let's Encrypt
|
||||||
|
#### Disable Let's Encrypt completely
|
||||||
|
|
||||||
Set `SKIP_LETS_ENCRYPT=y` in "mailcow.conf" and recreate "acme-mailcow" by running `docker-compose up -d`.
|
Set `SKIP_LETS_ENCRYPT=y` in "mailcow.conf" and recreate "acme-mailcow" by running `docker-compose up -d`.
|
||||||
|
|
||||||
## How to use your own ceritficate
|
#### Skip all names but ${MAILCOW_HOSTNAME}
|
||||||
|
|
||||||
|
Add `ONLY_MAILCOW_HOSTNAME=y` to "mailcow.conf" and recreate "acme-mailcow" by running `docker-compose up -d`.
|
||||||
|
|
||||||
|
### How to use your own ceritficate
|
||||||
|
|
||||||
Make sure you disable mailcows internal LE client (see above).
|
Make sure you disable mailcows internal LE client (see above).
|
||||||
|
|
||||||
|
@ -59,7 +64,7 @@ docker exec $(docker ps -qaf name=nginx-mailcow) nginx -s reload
|
||||||
docker exec $(docker ps -qaf name=dovecot-mailcow) dovecot reload
|
docker exec $(docker ps -qaf name=dovecot-mailcow) dovecot reload
|
||||||
```
|
```
|
||||||
|
|
||||||
## Check your configuration
|
### Check your configuration
|
||||||
|
|
||||||
Run `docker-compose logs acme-mailcow` to find out why a validation fails.
|
Run `docker-compose logs acme-mailcow` to find out why a validation fails.
|
||||||
|
|
||||||
|
|
Laden …
In neuem Issue referenzieren