LetsEncrypt + Wildcard + cloudflare


Post by bagu » 2019-09-27 14:21

Here is a small tutorial to get a Let's Encrypt wildcard certificate easily with Posh-ACME and Cloudflare (thanks to palinka).
It auto-creates the Cloudflare DNS TXT record.
  1. Launch PowerShell as an admin
  2. Remove restrictions with:

    Set-ExecutionPolicy Unrestricted
  3. Install Posh-ACME with this command:

    Install-Module -Name Posh-ACME
  4. Set the server as a production server (to use a staging server, replace LE_PROD by LE_STAGE):

    Set-PAServer LE_PROD
  5. Set the Cloudflare parameters with:

    $pArgs = @{ CFAuthEmail='cloudflareemail@email.com'; CFAuthKey='cloudflarepassword' }
  6. Ask for a new certificate with:

    New-PACertificate '*.domain1oncloudflare.com','*.domain2oncloudflare.org' -AcceptTOS -Contact 'my@email.com' -DnsPlugin Cloudflare -PluginArgs $pArgs -Verbose
  7. Follow the on-screen instructions in PowerShell
  8. Then, search for your certificate with:

    Get-PACertificate | Format-List
  9. Get cert.key as the key and fullchain.cer as the public certificate and insert them in hMailServer
Then you can make a planned task to renew the certificate every 85 days with a script which contains:

    Submit-Renewal -PluginArgs @{CFAuthEmail='cloudflareemail@email.com'; CFAuthKey='cloudflarepassword'}

Don't forget to get the renewed certificate files and copy them to the folder where hMailServer is set to get them.
And don't forget to restart hMailServer.

I will put here an example of a script which renews, copies and restarts hMailServer later.

If you have any tips to improve or modify this tutorial, do not hesitate to propose your modifications.
hMailServer 5.6.8 With SpamAssassin 3.4.2
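
A renew, copy and restart script of the kind the post describes, as an added example that is not bagu's or the Posh-ACME project's own code. The destination folder `C:\hMailServer\Certs`, the service name `hMailServer` and the service running as SYSTEM are assumptions to adjust; it also assumes the single order created in step 6.

```powershell
#Requires -Modules Posh-ACME
# Added example: renew the Posh-ACME order, deploy the files, restart the mail service.
$ErrorActionPreference = 'Stop'

$DestDir     = 'C:\hMailServer\Certs'   # placeholder: folder hMailServer reads its certificate from
$ServiceName = 'hMailServer'            # assumed Windows service name

# Run the task as the same Windows account that ran New-PACertificate:
# Posh-ACME keeps its account, order and saved plugin arguments in that profile.

# No -PluginArgs: Posh-ACME reuses the arguments saved with the order, so the
# Cloudflare key does not need to sit in plain text inside this script file.
# Submit-Renewal returns nothing when the certificate is not yet due.
$cert = Submit-Renewal | Select-Object -First 1
if (-not $cert) {
    Write-Output 'Certificate not due for renewal; nothing deployed.'
    return
}

# Refuse to deploy something that is already expired or has missing files.
if ($cert.NotAfter -le (Get-Date)) { throw "Renewed certificate expires $($cert.NotAfter)" }
foreach ($f in $cert.KeyFile, $cert.FullChainFile) {
    if (-not (Test-Path -LiteralPath $f)) { throw "Missing file: $f" }
}

New-Item -ItemType Directory -Path $DestDir -Force | Out-Null
$keyDest   = Join-Path $DestDir 'cert.key'
$chainDest = Join-Path $DestDir 'fullchain.cer'
Copy-Item -LiteralPath $cert.KeyFile       -Destination $keyDest   -Force
Copy-Item -LiteralPath $cert.FullChainFile -Destination $chainDest -Force

# Private key: drop inherited permissions, allow only SYSTEM (read) and
# Administrators (full). SIDs are used so this works on non-English Windows.
icacls $keyDest /inheritance:r /grant:r '*S-1-5-18:R' '*S-1-5-32-544:F' | Out-Null
if ($LASTEXITCODE -ne 0) { throw "icacls failed on $keyDest" }

# hMailServer only picks up the new files after a restart.
Restart-Service -Name $ServiceName
Write-Output "Deployed certificate $($cert.Thumbprint), valid until $($cert.NotAfter)"
```

Because `Submit-Renewal` does nothing until the certificate is inside its renewal window, the task can run more often than every 85 days without requesting extra certificates.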


Re: LetsEncrypt + Wildcard + cloudflare

Post by palinka » 2019-09-27 15:07

👍
