VestaCP SSL for mail server

VestaCP install self signed SSL for mail server by default. To install valid SSL, login to VestCP, go to sites. You will see a site with your sites hostname. If you don’t see it, create a site with your server hostname. Make sure DNS edited so hostname resolve to server IP. Now you should be able to get free LetsEncrypt SSL for this site.

if you check Apache Virtual Host for the site, you will see someting like

In VeataCP the config files for exim and dovecot located at

These configs use SSL located at /usr/local/vesta/ssl/certificate.crt and /usr/local/vesta/ssl/certificate.key.

To use the FREE SSL, create a bash script.


make the file executable

Run the script

Now SSL will work for mail server and VestaCP. To access VestaCP, use

Verify Mail Server SSL

You can view mail server SSL with command

Replace HOSTNAME with actual hostname of your server.

Auto Renew SSL

LetsEncrypt SSL expire every 90 days. So we will create a cronjob to auto renew SSL. Ff you have a paid SSL, you don’t need this cronjob

Create a cronjob with


Related Posts

VestaCP Free Hosting Control Panel

Need help with Linux Server or WordPress? We can help!

Leave a Reply

Your email address will not be published. Required fields are marked *