Comment by mmd45
Comment by mmd45 2 days ago
I'm using a private ip over a vpn so I don't think that workaround will work for me. I don't really want a public dns record.
Comment by mmd45 2 days ago
I'm using a private ip over a vpn so I don't think that workaround will work for me. I don't really want a public dns record.
LE will issue you a wildcard certificate and it's usable for mail.
i'm just using a hardcoded private ip to connect to the imap server. are you saying i can get a certificate with a hostname of "*" that will match ANY ip address?
No, but you could use DNS for that internal IP. And then you'd have a hostname. Since your IMAP server likely has some way of getting external mail, it is likely that you have a DNS zone and MX records, so adding an A record for your internal IMAP access isn't that much of an effort compared to what you already would have.
If you have mmd45.com as a domain and have MX records pointing to your mail server, adding imap.mmd45.com pointing to your IMAP server should be fairly simple. Getting a Let's Encrypt certificate for *.mmd45.com is all that remains for the TLS part with a valid CA chain. As a bonus you can then also use encrypted SMTP.
unfortunately none of that applies to my setup. my imap server lives in a dmz and doesn't have all that other jazz.
If so, then you might want to mint your own root certificate and then import it to your iPhone.