Tags: ssh, lets-encrypt, sshd, certbot

pointing ssh to my certbot certificates


Centos7. I have successfully installed certbot and generated my certificates. I have pointed my Dovecot to them as well as Postfix SASL. Both functioning properly. How do I point my sshd to them? sshd worked out of the box, so to speak, I assume with some pre-generated generic cert. I would prefer to configure ssh so it "points" to the generated certs so I don't have to copy or link them elsewhere every time they renew.

Or is this not applicable? I've got several entries in /etc/sshd_conf related to hostkey but I'm not sure what those are:

    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_ecdsa_key
    HostKey /etc/ssh/ssh_host_ed25519_key


Solution

  • TLDR: The PEM certs are not applicable.

    Certbot generates PEM certs largely meant for communication on the web. In your case, server certs were generated since you used them for Dovecot and Postfix. Afaik, SSHD doesn't support PEMs. The SSH client does, but it needs client certs, not server certs.

    The HostKey parameter tells SSHD which SSH keys (whose format is different from PEMs) to use. RSA, ECDSA, etc. are the encryption algos that SSHD supports for encrypting the SSH channel. For each supported algo, it needs a keypair. These are auto-generated when SSHD starts the first time.

    See this page for more info on SSH client certs in PEM format.
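An added audit helper (my own example, not code from the question or the answer): it reads the HostKey lines from an sshd_config and checks the envelope header of each target, so a HostKey that was pointed at a certbot certificate or TLS key is flagged rather than silently breaking sshd. The sshd_config text, file paths and file contents are constructed placeholders.

```python
import os
import re
import stat
import tempfile

# First line of each envelope (a heuristic, not a full parse). ssh-keygen writes OpenSSH format
# (CentOS 7's older release wrote legacy PEM); certbot writes an X.509 chain plus a PKCS#8 key.
HEADERS = {
    "-----BEGIN OPENSSH PRIVATE KEY-----": "openssh-private-key",
    "-----BEGIN RSA PRIVATE KEY-----": "legacy-pem-private-key",
    "-----BEGIN CERTIFICATE-----": "x509-certificate",
    "-----BEGIN PRIVATE KEY-----": "pkcs8-private-key",
}
PROBLEMS = {
    "missing": "file does not exist",
    "unknown": "unrecognised header",
    "x509-certificate": "TLS certificate (certbot fullchain.pem style), not an SSH host key",
    "pkcs8-private-key": "TLS private key (certbot privkey.pem style); use ssh-keygen host keys",
}
def parse_hostkeys(config_text):
    """Return the paths named by HostKey directives; comments and other lines are skipped."""
    return [m.group(1) for line in config_text.splitlines()
            if (m := re.match(r"\s*HostKey\s+(\S+)\s*$", line))]
def classify_keyfile(path):
    """Return (kind, problem) for one HostKey target; problem is None when it looks right."""
    kind = "missing"
    if os.path.isfile(path):
        with open(path, "rb") as f:
            kind = HEADERS.get(f.readline().decode("ascii", "replace").strip(), "unknown")
    if kind in PROBLEMS:
        return kind, PROBLEMS[kind]
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:  # a host private key must be 0600
        return kind, "permissions too open; expected 0600"
    return kind, None
def audit(config_text):
    """Map every HostKey path in the config to its (kind, problem) verdict."""
    return {p: classify_keyfile(p) for p in parse_hostkeys(config_text)}
def demo():
    """Write a constructed sshd_config and placeholder files (not real keys) to a temp dir, then audit."""
    d = tempfile.mkdtemp()
    samples = {"ssh_host_ed25519_key": b"-----BEGIN OPENSSH PRIVATE KEY-----\nPLACEHOLDER\n",
               "fullchain.pem": b"-----BEGIN CERTIFICATE-----\nPLACEHOLDER\n"}
    for name, body in samples.items():
        with open(os.path.join(d, name), "wb") as f:
            f.write(body)
        os.chmod(os.path.join(d, name), 0o600)
    config = (f"# constructed sshd_config\nHostKey {d}/ssh_host_ed25519_key\n"
              f"HostKey {d}/fullchain.pem\nHostKey {d}/ssh_host_rsa_key\n")
    return audit(config)
```

Run `audit(open("/etc/ssh/sshd_config").read())` as root on a real host to check the live HostKey entries; `demo()` only exercises the constructed files.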