Hi, I'm sorry to bother you with frequent bug reports.
/usr/share/ssl/certs/ca-bundle.crt is not updated when getting the certificate from /ssl/letsencryptCert control panel. # ls -al /usr/share/ssl/certs/sendmail.pem /usr/share/ssl/certs/ca-bundle.crt -r--r--r-- 1 root root 222148 May 23 00:44 /usr/share/ssl/certs/ca-bundle.crt <- old -rw------- 1 root root 5496 May 23 01:04 /usr/share/ssl/certs/sendmail.pem <- This one has been updated. Does not succeed is starttls in this state. # echo | openssl s_client -starttls smtp -connect localhost:25 | grep '^/C=US/O=Let' (nothing) (The normal case) # echo | openssl s_client -starttls smtp -connect localhost:25 | grep '^/C=US/O=Let' /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 It will be updated by running /usr/sausalito/constructor/base/email/syncEmailService.pl. Then restart sendmail and it should work. To my understanding, calling syncEmailService.pl is either: * systemctl restart cced.construct.service * reboot If this is correct, some people may have trouble with the initial ssl setup. This is the last bug report we know of. Thanks, _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
