Let´s Encrypt certificate

IceWArp server 11.4 brings option with Let's Encrypt certificate

https://www-media.icewarp.com/en/pdf/whats-new-11_4.pdf

All the certificates discussed are used for SSL/TLS.

The default certificate is self-signed and does not match your domain. You can create more self-signed certificates, which are current and match your hostname(s), but self-signed certificates need to be manually deployed to client devices.

Certificates issued by recognized Certificate Authorities are trusted by client devices, but CAs charge exorbitant fees for the certificates and each hostname listed.

Open certification authority that lets administrators create and maintain server security certificates for free. And now thanks to the Let’s encrypt agent integration into WebAdmin and console, securing your IceWarp installation cannot get any easier. Certificates are automatically reissued before expiration, and need to be reissued manually only if domains are added or removed.

Server DNS record has to be resolvable and port 80 should be open.

From within the Admin console go to System > Certificates screen.

Click Add/Create button

Select "Free Let's Encrypt certificate" and next.

Put in the hostname(s) of your email server and click next.

Wait for a green checkbox to appear next to the newly created certificate item.

Let's Encrypt is a project that aims to make encryption more accessible by issuing signed certificates for free. Any client device that has added Let's Encrypt as a trusted CA will recognize these certificates as trusted. IceWarp 11.4 can retrieve certificates from Let's Encrypt for all your domains, automatically and for free.