On a default installation of CyberPanel, Postfix and Dovecot use self-signed SSL. You can now use Let’s Encrypt with your mail server. Navigate to:
https://<IP Address>:8090/manageSSL/sslForMailServer
You will see a list of websites/domain here (which you have created via CyberPanel already). Make sure to choose the domain which has RDNS record against your IP Address. Once SSL is successfully issued, Postfix and Dovecot will start using Let’s Encrypt SSL.
It seems to generate it, because I can see new files at
ls -lha /etc/letsencrypt/live/mail.domain.com/
But it doesn’t use them
@mencargo please run these two command and then let me know results
postmap -F hash:/etc/postfix/vmail_ssl.map
systemctl restart postfix
The commands didn’t return any message and the URL with HTTPS still uses the self-signed SSL.
The file /etc/postfix/vmail_ssl.map contains one line with the format:
mail.domain.com /etc/letsencrypt/live/mail.domain.com/privkey.pem /etc/letsencrypt/live/mail.domain.com/fullchain.pem
And the file /etc/postfix/main.cf has the following lines related to SSL:
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem
smtpd_tls_key_file = /etc/pki/dovecot/private/dovecot.pem
tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map
