Connect MailServer
- check certs!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo openssl x509 -enddate -noout -in /etc/letsencrypt/live/your_domain/fullchain.pem - Stop service!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo systemctl stop nginx!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo systemctl stop postfix!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo systemctl stop dovecot - check http port can connect!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
firewall open http!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo ufw allow http - Renew cert!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo certbot certonly --standalone -d your_domain --preferred-challenges http - check cert!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo openssl x509 -enddate -noout -in /etc/letsencrypt/live/your_domain/fullchain.pem - close http port!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo ufw delete allow http!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
firewall close http - cert permission!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo chown root:root /etc/letsencrypt/live/your_domain/privkey.pem!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo chmod 600 /etc/letsencrypt/live/your_domain/privkey.pem - Start service!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo systemctl start nginx!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo systemctl start postfix!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
sudo systemctl start dovecot
Auto Renew Config
- sudo crontab -e
- choose 1, and add below line in end!Y2B:l2KTUyc}nT{p8+[w$b0>Tfpbx|p%T^(7(%BCe3ok.F>{>p1LZYy>
0 3 * * * /usr/bin/certbot renew --quiet && systemctl reload nginx postfix dovecot - save
