Mailcow-dockerized: Acme don´t get renewed when own certificate is placed

Created on 24 Oct 2018 · 5Comments · Source: mailcow/mailcow-dockerized

Describe the bug
If a own certificate is placed for e.g. mail.mailcow.host in data/assets/ssl/cert.pem, acme.sh wont request the certs for the further autodiscover / autoconfig Domains:

Found certificate with issuer other than mailcow snake-oil CA and Let's Encrypt, skipping ACME client...

IMHO this should request, too

How to reproduce Reproduce
Place a cert as described in https://mailcow.github.io/mailcow-dockerized-docs/firststeps-ssl/#use-own-certificates

Expected behavior
It should still request the le cert for the autoconfig / autodiscover Domains.

Logs
Found certificate with issuer other than mailcow snake-oil CA and Let's Encrypt, skipping ACME client...

System

Ubuntu 17.10

Source

develth

Most helpful comment

It is very, very, very important that a feature that covers this can be used universally, does not break current configs or migrates them flawless. It would be much easier to just use a reverse proxy for the autodiscover domains, everything else is very likely to break acme-mailcow.

I don't plan to integrate it at the moment.

andryyy on 24 Oct 2018

👍2

All 5 comments

How? It can only handle one certificate.

andryyy on 24 Oct 2018

E.g. by using another vhost for the autoX Subdomains

develth on 24 Oct 2018

See #461, that's a feature I see for commercial setups. There are workarounds described in this issue and a reason why it has no high priority at the bottom.

I will close it as duplicate. :-)

andryyy on 24 Oct 2018

👍1

Hmm - would handle it a little different.