[TLDR: I need help to add the intermediate cert as well as enabling OCSP Stapling. (Mailcow-Dockerized - Ubuntu 20.04 VM - No reverse-proxy - No LetsEncrypt, bought my own cert)]
Hi everyone, I have been using mailcow for a few months now and love it. Recently, however, I looked through my logs and noticed that there have been a significant amount of scans and attempts to compromise my server. I ran a couple standard online security tests against my server and one(immuniweb) came back as A+(with some notes) and the other(ssllabs) gave me a B. After reviewing these scans I would like to make some changes to my server to make sure I am doing everything I can to keep it secure.
The first thing I would like to accomplish is I would like to find some way to upload my intermediate certificate to complete the chain. I have looked through the official documentation, reddit and google and cannot find how this is done. I tried to modify the config file in the nginx container, but obviously all changes made are reverted back to default.
The second thing I would like to resolve is to enable OCSP Stapling on my server, I have done the same research and testing as above but with no luck.
If anyone has any idea of how to accomplish this, or could point me in the right direction, I would greatly appreciate it.