Let's Encrypt is a certificate authority that provides free certificates for Transport Layer Security (TLS) encryption via an automated process.
This article applies to MDaemon versions 18.0 and above.
Let's Encrypt certificates are valid 90 days from the point the certificate was generated. MDaemon's Let's Encrypt menu will allow administrators to customize the certificate and enable a renewal feature to renew certificates before they expire. MDaemon will also apply the new certificates to MDaemon, Webmail, and Remote Administration automatically.
MDaemon's Let's Encrypt menu is designed to eliminate the current complex process of manual creation, validation, signing, installation, and renewal of certificates for secure websites. Click here for more information on Let's Encrypt and the services provided.
Webmail must be enabled and listening to port 80 (HTTP). This port must be open and available for the process to successfully complete. The port can be closed afterwards, if desired. Let's Encrypt renewals can be performed over HTTPS.
Follow the steps below to setup Let's Encrypt on the MDaemon mail server.
- Open the MDaemon configuration session.
- Select Security
- Select Security Settings
- Expand SSL & TLS
- Select Let's Encrypt
- Check Enable updates
- Enter alternate host names on the mail server in the Alternate host names field.
- Alternate host names only. Do not enter the primary domain's host name.
- If a external web-mail server is running, enter the IIS site name in the IIS site name field.
- Enter the desired email address for the admin to receive notifications.
- Enter the number of Days between updates in the available field.
Select Run Now to run the generated script displayed at the bottom of the menu or Apply to have MDaemon run it.
There will be a LetsEncrypt.log file generated in the \MDaemon\Logs (default location) directory.
Script errors and notifications will be delivered to the address entered in the admin notification field.