On 2024-06-27 05:24, Viktor Dukhovni via Postfix-users wrote: > Publishing just "R10" will soon fail, when you get a cert from "R11" or > one of the backup issuers R12, R13 or R14. You MUST publish them all to > avoid sudden breakage surprises.
Isn't it easier to just used self-signed certificates in this case? I really don't understand the benefits of letsencrypt in the mail server use case, when DANE works just fine with certificates that you can generate yourself and don't have to deal with LE's high turnover intermediaries nonsense. -- Matt _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
