How can we improve Kerio Connect?

Add support for Letsencrypt

Please add full support for letsencrypt certificates

361 votes
Sign in
Signed in as (Sign out)
You have left! (?) (thinking…)
gobbli shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →


Sign in
Signed in as (Sign out)
  • Gary McDonald commented  ·   ·  Flag as inappropriate

    This would be amazing. Apple and devices are a pain to get working since the latest ios updates. It's an admin pain to buy a CA cert and get it renewed every year for each customer we have.

  • Admin commented  ·   ·  Flag as inappropriate

    Adding certbot support to issue and auto renew SSL certificates would be great.

    Requires the web server to recognise .well-known/acme-challenge, a cron job to auto renew and a hook to restart services when a new certificate is issued (every 3 months).

    Vital as even small organisations can no longer use self signed certificates as iPhones/iPads will not honour them for mail.

  • Chris Weiss commented  ·   ·  Flag as inappropriate

    certbot could easily be used if the embedded web server would honor the needed files in a ".well-known" folder. full support would be nice though.

  • brad commented  ·   ·  Flag as inappropriate

    I would assume that Full support for Letsencrypt would include Disaster recovery. The ability to do a backup of Kerio and recover it with out missing pieces to have to remember.

    Also Letsencrypt certificates expire every 90 days. Kerio connect would need the ability to auto renew.

  • Viktoria Rei Bauer commented  ·   ·  Flag as inappropriate

    You can already use LetsEncrypt certificates - just create the certificate and import the private and public key. Sure, using the API would be neat.

  • Carsten Maas commented  ·   ·  Flag as inappropriate

    Who can be sure, that also "bad guys" use LetsEncrypt? So from my point of view, reputation of well known CAs is better in a professional environment.

Feedback and Knowledge Base