Should a Mail Server have an SSL Certificate?
I'm setting up a small mail server. I'd like to know if one should have an SSL certificate for the mail subdomain? e.g. my domain would be: mail.example.com
I am asking this because I was running certbot like this:
sudo certbot certonly --standalone -v -d mail.mydomain.info
And certbot complained:
Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
The only thing that could be holding port 80 is my apache.
Should I go ahead and shut down my apache and run this? Or could this cause new problems?
1 Reply
hdiep
Linode Staff
According to this forum post, it depends. Typically, an SSL certificate is valid for just one domain, such as www.domain.example. In addition to the typical single domain certificate, you can also obtain wildcard and multidomain certificates. I recommend reviewing that forum post further to understand the different types of certs are available, and how to proceed.
I am asking this because I was running certbot like this:
sudo certbot certonly --standalone -v -d mail.mydomain.info
Essentially, you have told certbot to run standalone rather than co-operating with the existing webserver.
And certbot complained:
Could not bind TCP port 80 because it is already in use by another process on this system (such as a web server). Please stop the program in question and then try again.
To get around this, you can change certbot --standalone to a different plugin such as, --apache, to install and configure an SSL certificate with Apache or temporarily stopping your web server. We have a Community post that can walk you through this process: