You can either drop the authentication token into /.wellknown on your running server, or take down the server for a minute to run certbot every couple months.
I'm not a fan of symlinks out of config directories and certainly not across chroot / jail boundaries so I manually copy the certs into the a subdirectory of the dovecot config directory. Here's the segment from my local.conf file. The notes on permission choices are mine and are stronger than many suggest. --- # Preferred permissions: root:wheel 0444 ssl_cert = </usr/local/etc/dovecot/<some_meaningful_name>/fullchain.pem # Preferred permissions: root:wheel 0400 ssl_key = </usr/local/etc/dovecot/<some_meaningful_name>/privkey.pem --- FreeBSD uses a different directory structure than most Linux-based systems, so the path to the dovecot config directory may be different for you. I didn't ever find any documentation of the 'var = <file' notation but it take it to mean read the contents of the file into the variable Jeff On 3/3/17 11:22 AM, David Mehler wrote:
Hello, Thanks. Is there another way of doing this? I've got a web server running on 80 and 443. Are there any other options? Thanks. Dave.