How can we improve Kerio Connect?

Add support for Letsencrypt

Please add full support for letsencrypt certificates

https://letsencrypt.org/

309 votes
Vote
Sign in
Signed in as (Sign out)
You have left! (?) (thinking…)
gobbligobbli shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

12 comments

Sign in
Signed in as (Sign out)
Submitting...
  • AdminAdmin commented  ·   ·  Flag as inappropriate

    Adding certbot support to issue and auto renew SSL certificates would be great.

    Requires the web server to recognise .well-known/acme-challenge, a cron job to auto renew and a hook to restart services when a new certificate is issued (every 3 months).

    Vital as even small organisations can no longer use self signed certificates as iPhones/iPads will not honour them for mail.

  • Chris WeissChris Weiss commented  ·   ·  Flag as inappropriate

    certbot could easily be used if the embedded web server would honor the needed files in a ".well-known" folder. full support would be nice though.

  • bradbrad commented  ·   ·  Flag as inappropriate

    I would assume that Full support for Letsencrypt would include Disaster recovery. The ability to do a backup of Kerio and recover it with out missing pieces to have to remember.

    Also Letsencrypt certificates expire every 90 days. Kerio connect would need the ability to auto renew.

  • Viktoria Rei BauerViktoria Rei Bauer commented  ·   ·  Flag as inappropriate

    You can already use LetsEncrypt certificates - just create the certificate and import the private and public key. Sure, using the API would be neat.

  • Carsten MaasCarsten Maas commented  ·   ·  Flag as inappropriate

    Who can be sure, that also "bad guys" use LetsEncrypt? So from my point of view, reputation of well known CAs is better in a professional environment.

Feedback and Knowledge Base