Rodrigo,
Here’s my script for Letsencrypt, obviously, you would change out
secure.carlc.com with the name of website on the email server that QMAIL runs:
[root@mail7 ~]# more copy_letsencrypt_files.sh
#!/bin/bash
#
# Script to copy lets encrypt files to the right area and restart the needed
services.
#
# Initial concept by RCC 06/08/2018
#
# Test if the letsencrypt live cert.pem file was changed in the last 24 hours...
#
if test `find "/etc/letsencrypt/live/secure.carlc.com/cert.pem" -mmin +1440`
then
echo "Cert file is older than 1440 test minutes (24 hours)... STOP!"
exit
fi
echo "Get to work, New cert file is younger than 1440 minutes (24 hours)..."
#
#
# Dovecot just needs a restart as they are using the /etc/letsencrypt/live
files already
#
/usr/sbin/service dovecot restart
#
# Qmail SMTP-SSL
#
# Create a new /var/qmail/control/servercert.pem-NEW
#
# NOTE: order is critical, start with private key, then URL cert, then any
intermediate files.
#
cat /etc/letsencrypt/live/secure.carlc.com/privkey.pem >
/var/qmail/control/servercert.pem-NEW
cat /etc/letsencrypt/live/secure.carlc.com/cert.pem >>
/var/qmail/control/servercert.pem-NEW
cat /etc/letsencrypt/live/secure.carlc.com/chain.pem >>
/var/qmail/control/servercert.pem-NEW
#
# Swap out files, move current to OLD then NEW to current
#
mv /var/qmail/control/servercert.pem /var/qmail/control/servercert.pem-OLD
mv /var/qmail/control/servercert.pem-NEW /var/qmail/control/servercert.pem
chmod 644 /var/qmail/control/servercert.pem
chown root.vchkpw /var/qmail/control/servercert.pem
#
# Need to restart QMAIL
#
/etc/rc.d/init.d/qmail restart
#
# Webmin (thank you QMAIL, we can use the new PEM file as it's the same format)
#
/usr/sbin/service webmin stop
cat /var/qmail/control/servercert.pem > /etc/webmin/miniserv.pem
/usr/sbin/service webmin start
#
#
#
From: Rodrigo Cortes [mailto:[email protected]]
Sent: Tuesday, May 11, 2021 09:27 PM
To: [email protected]
Subject: Re: [qmailtoaster] Certificate
hi!
is a simple script for renew and apply to qmail, dovecot and apache :)
I have this solution for other smtp and work fine :)
El mar, 11 may 2021 a las 21:07, Remo Mattei (<[email protected]
<mailto:[email protected]> >) escribió:
Yes the thing is 10 dollars for 2 years nothing to change whereas, letencrypt,
need to change every 90 days and IMAP will prompt you for a new cert.. not
ideal for customers if you do for your personal servers then that’s good.
Remo
On May 11, 2021, at 4:04 PM, Rodrigo Cortes <[email protected]
<mailto:[email protected]> > wrote:
Hi!
Use letencrypt, is free :)
El mar, 11 may 2021 a las 18:49, <[email protected] <mailto:[email protected]> >
escribió:
Ssls.com <http://Ssls.com>
> Il giorno 11 mag 2021, alle ore 15:03, Scott Hughes <[email protected]
> <mailto:[email protected]> > ha scritto:
>
> Where is the cheapest place to get a certificate for my server. The server
> is in the USA if that matters. Thank you!
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> <mailto:[email protected]>
> For additional commands, e-mail: [email protected]
> <mailto:[email protected]>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
<mailto:[email protected]>
