Hi.
I previously used the built in certificate renewal with acme-tiny to manage the certificates for my mail server. I’m now using my own custom script that copies the new certificate and key file into the /data/assets/ssl/ directory every time the certificate is renewed and have set SKIP_LETS_ENCRYPT=y in mailcow.conf. However, when the certificate has been renewed, I have to manually update my TSLA record for my domain as it is no longer valid. Is there any different way to renew my certificate so that I don’t have to change my TSLA record each time?
Thanks in advance for any help!

  • Not sure what script you’re using, but with LetsEncrypt/certbot there’s an option/flag reuse-key that you will probably have to use for TSLA.

Not sure what script you’re using, but with LetsEncrypt/certbot there’s an option/flag reuse-key that you will probably have to use for TSLA.

Have something to say?

Join the community by quickly registering to participate in this discussion. We'd like to see you joining our great moo-community!

No one is typing