Cert from other Host (NGINX Proxy Manager)

[nicedevil]

Hey guys,

I was able to setup PMG yesterday and my mailcow behind it. Right now I run into the following issue that I get a reject on a receiving server ehlo/helo domain.
F.e. my PMG got the hostname mailgateway.internal.local right now.

My 1st: Is it just enough to change the hostname in /etc/hosts to the one that my IP is registered to specific DNS adress or is that a setting from anywhere else?

My 2nd: I have only 1 static IP on my site. Behind that is a NGINX ProxyManager that handles all certificates for my services. The PMG isn't the same host ofc... how can I solve the issue to get the certificate from lets encrypt to this host? My domain is hosted by netcup, maybe that is a needed information for a solution?

Thank you very much in advance.

 

[nicedevil]

Ok solved the ehlo/helo part with the hostname in changes in the webui

Now just the part with the NPM is mssing

EDIT: Or better question, what are the commands to import the cert from my nginxproxymanager via shell?

 

[nicedevil]

Ok found the solution that worked for me
In case anyone else is looking for it:

#!/bin/bash
scp root@IPNGINXPROXYMANAGER:/etc/letsencrypt/live/npm-ID/fullchain.pem /etc/pmg/pmg-tls-chain.tmp
scp root@IPNGINXPROXYMANAGER:/etc/letsencrypt/live/npm-ID/privkey.pem /etc/pmg/pmg-tls-key.tmp
cat /etc/pmg/pmg-tls-key.tmp > /etc/pmg/pmg-tls.pem
cat /etc/pmg/pmg-tls-chain.tmp >> /etc/pmg/pmg-tls.pem
rm -rf /etc/pmg/pmg-tls-key.tmp
rm -rf /etc/pmg/pmg-tls-chain.tmp
systemctl restart pmgproxy

Change IP for the NginxProxyManager and the ID after "npm-" to the one of your environment.
Then just make a cronjob on the PMG

Ofc you have to copy RSA keys to get passwordless logins done