TLSA records with lets-encrypt certs

Wwryfi · 10 Feb

Is it ok to publish a TLSA record with mailcow using Let’s Encrypt certificates? If some care is not taken in the renewal process, the TLSA record would become outdated every time the certificate is renewed. I read that using setting the “reuse-key” option in the letsencrypt client should work around this, but I don’t see anything like that in a grep of my data/conf dir.

Never mind, I think I found the answer.

Cisco30 · 11 Feb

hi
TLSA key information during a mailcow-acme renewal

mailcow communityDiscussion

TLSA key information during a mailcow-acme renewal

Cisco30

hi I would like to know if the TLSA key during an automatic renewal of mailcow-acme will be modified or if it will keep its current value, because if it changes every 3 months, it will have to be modified in the DNS settings of my host. Thanks for your help.

4 3 May 2, 2024

TLSA DNS setup

mailcow communityDiscussion

TLSA DNS setup

Cisco30

hi I’m trying to configure the TLSA DNS entry, but I don’t know if it’s correct because there’s something weird. if I configure the recording by writing 25.tcp.mail.XXXXXX.cloud. I get a response with 3 zero in mailcow and if I configure by writing 25.tcp.XXXXX.cloud. I get a positive result in

5 2 Mar 8, 2024