How can we improve Kerio Connect?

Add support for Letsencrypt

Please add full support for letsencrypt certificates

323 votes
Sign in
Signed in as (Sign out)
You have left! (?) (thinking…)
gobbligobbli shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Signed in as (Sign out)
  • AdminAdmin commented  ·   ·  Flag as inappropriate

    Adding certbot support to issue and auto renew SSL certificates would be great.

    Requires the web server to recognise .well-known/acme-challenge, a cron job to auto renew and a hook to restart services when a new certificate is issued (every 3 months).

    Vital as even small organisations can no longer use self signed certificates as iPhones/iPads will not honour them for mail.

  • Chris WeissChris Weiss commented  ·   ·  Flag as inappropriate

    certbot could easily be used if the embedded web server would honor the needed files in a ".well-known" folder. full support would be nice though.

  • bradbrad commented  ·   ·  Flag as inappropriate

    I would assume that Full support for Letsencrypt would include Disaster recovery. The ability to do a backup of Kerio and recover it with out missing pieces to have to remember.

    Also Letsencrypt certificates expire every 90 days. Kerio connect would need the ability to auto renew.

  • Viktoria Rei BauerViktoria Rei Bauer commented  ·   ·  Flag as inappropriate

    You can already use LetsEncrypt certificates - just create the certificate and import the private and public key. Sure, using the API would be neat.

  • Carsten MaasCarsten Maas commented  ·   ·  Flag as inappropriate

    Who can be sure, that also "bad guys" use LetsEncrypt? So from my point of view, reputation of well known CAs is better in a professional environment.

Feedback and Knowledge Base