similar to: Dovecot and Letsencrypt certs

Displaying 20 results from an estimated 4000 matches similar to: "Dovecot and Letsencrypt certs"

2017 Sep 11
1
Dovecot and Letsencrypt certs
<master at remort.net> writes: > "writing a script to check the certs" - there is no need to write any > scripts. As one mentioned, it's done by a hook to certbot. Please read > the manuals for LE or certbot. The issue you have is quite common and > of course certbot designed to do it for you. Won't work, of course, if you employ the least-privilege security
2017 Sep 12
2
Dovecot and Letsencrypt certs
And remove that "postfix reload" command - Postfix doesn't require explicit reloading. It'll pickup the changed cert automagically. Daniel On 9/12/2017 9:26 AM, Daniel Miller wrote: > What's wrong with using a certbot "post-hook" script such as: > > #!/bin/bash > echo "Letsencrypt renewal hook running..." > echo
2020 Oct 09
2
Feature request.
> I have to say I'm totally baffled since I do nothing when LetsEncrypt renews the certificate. > > I know the cert has been updated because the mail clients asks me if I trust the certificate. > > If it makes a difference I use the bash LetsEncrypt not the Python code. I don't like all those dependencies certbot (python) installs, but it works flawlessly on CentOS. On
2019 Mar 14
4
Am I right to assume certificate renewal with the same filename requires a dovecot reload/restart
On 3/14/19 9:32 AM, Yassine Chaouche via dovecot wrote: > The general answere here is try and see, as you could totally test it > on your own. The certificate is read at startup and put in memory for > the rest of the execution time. Dovecot won't monitor the file for > changes on disk, as this would waste CPU cycles and make dovecot only > slower for no reason. The process
2019 Mar 14
0
Re: Am I right to assume certificate renewal with the same filename requires a dovecot reload/restart
On Thu, Mar 14, 2019, at 11:33 AM, Yassine Chaouche via dovecot wrote: > On 3/14/19 9:32 AM, Yassine Chaouche via dovecot wrote: > > The general answere here is try and see, as you could totally test it > > on your own. The certificate is read at startup and put in memory for > > the rest of the execution time. Dovecot won't monitor the file for > > changes on
2018 Sep 15
1
icecast ssl and letsencrypt renewal
Install letsencrypt and request a certificate specifying the webroot of your Icecast server and the host.domain: certbot-auto certonly --webroot --webroot-path /usr/share/icecast2/web/ -d icecast.domain.name Now you should have a certificate for your server, it's only in the wrong format for Icecast, copy the key and the certificate to 1 file with the following cmd: cat
2018 Sep 06
2
icecast ssl and letsencrypt renewal
That’s what I have been looking for, thanks ! From: Icecast [mailto:icecast-bounces at xiph.org] On Behalf Of Tycho Eggen Sent: donderdag 6 september 2018 22:21 To: Icecast streaming server user discussions Subject: Re: [Icecast] icecast ssl and letsencrypt renewal You can add a posthook to your certbot cronjob: certbot renew —post-hook “/etc/init.d/icecast restart” Or however you restart
2017 Sep 08
1
Dovecot and Letsencrypt certs
On 08 Sep 2017, at 12:21, Ralph Seichter <m16+dovecot at monksofcool.net> wrote: > On 08.09.2017 19:51, @lbutlr wrote: >> How I would do it is IF the certificate is expired, the dovecot should >> check if there is a new cert and if so, load it. > New cert as in file modification date or checksum changed? Either one, but checksum is going to be more reliable. > Might
2018 Sep 06
2
icecast ssl and letsencrypt renewal
Hi all, I have setup icecast to work with letsencrypt ssl certificate, this works fine. But now I am struggling a bit on how to renew the certificate every 3 months. As per letsencrypt recommendation I run a cronjob to check for renewal every day, problem is when there is a new certificate Icecast needs to be restarted to pick it up, as the certificate only seems to be loaded at startup of
2017 Mar 03
3
letsencrypt
Hello, Thanks. Is there another way of doing this? I've got a web server running on 80 and 443. Are there any other options? Thanks. Dave. On 3/3/17, Michael Neurohr <mine at michi.su> wrote: > On 2017-03-03 19:07, David Mehler wrote: >> Hello, >> >> I know some users here are using letsencrypt for their CA. If this is >> to off topic write me privately.
2017 Sep 13
1
Dovecot and Letsencrypt certs
Robert Wolf wrote on 13/09/2017 10:26: > are you sure? What is the refresh time? Instantly or with some delay? Have you > tested what happens if I install new key, but I delay installing correct > certificate? Does postfix keep the old key+cert or stop using any cert because > the new key is not correct for the current(old) certificate? > > On my postfix 2.9.6 on debian wheezy
2017 Sep 08
5
Dovecot and Letsencrypt certs
So this morning at 4am I was awoken to my mail clients getting certificate errors for an expired certificate. I hopped on to the server and checked and? no, the LE certs renewed last month and are valid until November. After some moments of confusion I noticed that dovecot had been running since before the renewal, so I did a quick service dovecot restart which fixed everything. Should dovecot
2018 Jul 15
3
Letsencrypt certificate for repo.dovecot.org expired May 14th..
Dear Aki, I think the renewal failed again. The SSL certificate expired Saturday, 14 July 2018. This affects (at least) the repo.dovecot.org website and debian repository. Thanks, Bernardo. On 2018-05-15 08:15, Aki Tuomi wrote: > On 15.05.2018 09:14, B. Reino wrote: >> Dear all, >> >> Just in case you've missed it, the certificate for repo.dovecot.org >> just
2017 Sep 08
2
Dovecot and Letsencrypt certs
On 08 Sep 2017, at 10:08, Ralph Seichter <m16+dovecot at monksofcool.net> wrote: > What is Dovecot supposed to do? Keep track of the certificate expiry > date? And if that is passed, then what? Automatically shutdown/restart? > What if the certificate has not been updated in between? I think that > handling certificates is better left to the administrator. How I would do it is
2017 Mar 03
0
letsencrypt
> Thanks. Is there another way of doing this? I've got a web server > running on 80 and 443. Are there any other options? I'm getting this list in digest mode, so it's possible by the time this gets to you, I will have repeated someone else' suggestion. In this situation, where your dovecot server lives on the same host as a web server (wembail?), and this web server is
2018 Sep 06
0
icecast ssl and letsencrypt renewal
Hello, How did you get icecast and letsencrypt certificates working? Thanks. Dave. On 9/6/18, _zer0_ gravity <zer0___ at hotmail.com> wrote: > That’s what I have been looking for, thanks ! > > From: Icecast [mailto:icecast-bounces at xiph.org] On Behalf Of Tycho Eggen > Sent: donderdag 6 september 2018 22:21 > To: Icecast streaming server user discussions > Subject: Re:
2018 Sep 06
0
icecast ssl and letsencrypt renewal
You can add a posthook to your certbot cronjob: certbot renew —post-hook “/etc/init.d/icecast restart” Or however you restart icecast On Thu, Sep 6, 2018 at 13:05 _zer0_ gravity <zer0___ at hotmail.com> wrote: > Hi all, > > > > I have setup icecast to work with letsencrypt ssl certificate, this works > fine. > > But now I am struggling a bit on how to renew the
2020 Oct 09
3
Feature request.
On 09/10/2020 11:50, Plutocrat wrote: > On 09/10/2020 4:16 pm, Rogier Wolff wrote: >> It turns out that dovecot had been running uninterrupted since august >> 13th, the certificate was renewed on september 7th and I suspect it >> expired on october 7th. > I guess you could do a few things yourself to make sure the cert is valid. Thinking out loud: > > - Blunt
2019 Jan 10
3
repo.dovecot.org expired certificate
Yup, that did the trick. Thanks! Filipe On 1/10/19 7:47 AM, Aki Tuomi wrote: > > > On 10.1.2019 9.42, Filipe Carvalho wrote: >> >> Hello, >> >> Not sure if this is the right place to post this, but the ssl >> certificate of the repo.dovecot.org server expired on the 9th of January. >> >> It's giving an error via the browser and via the apt
2017 Sep 08
0
Dovecot and Letsencrypt certs
On 08.09.2017 16:20, LuKreme wrote: > That is a great solution, but I think it?s probably easier to just > kick dovecot once a month. Certbot hooks are very easy to write, and are only executed when the certificate is updated. In that light, I can see no advantage in "kick dovecot once a month". ;-) > However, it seems like checking the certs is something that dovecot >