Is there a howto or a page that details how to properly install the certificate I purchased? Thanks!
> On May 12, 2021, at 11:29, Eric Broch <[email protected]> wrote: > > > Here's my auto renew script: > > <le> > > #!/bin/bash > > > # When to renew, days before expiration > days=3 > > today=`date` > today=`date --date="$today" --utc +%s` > > # FQDN for which to renew certificate > fqdn=host.domain.tld > certfile=/etc/letsencrypt/live/$fqdn/fullchain.pem > exp=`openssl x509 -dates -noout < $certfile | grep notAfter | sed > 's/notAfter=//'` > off=`date --date="$exp" --utc +%s` > diff=$(( (off - today)/86400 )) > echo "Certificate for FQDN $fqdn expires in $diff day(s)" > > # Renew if we're within the days parameter > if [ $diff -le $days ] > then > echo "Renew certificate $fqdn ..." > certbot renew --cert-name $fqdn > echo "Reload httpd..." > systemctl reload httpd > systemctl status httpd > echo "Install certificate for QMT..." > cat /etc/letsencrypt/live/$fqdn/privkey.pem > /etc/letsencrypt/live/$fqdn/fullchain.pem > /my/dir/path/servercert.pem > cp -p /var/qmail/control/servercert.pem > /var/qmail/control/servercert.pem.bak > cp /my/dir/path/servercert.pem /var/qmail/control/servercert.pem > qmailctl stop && sleep 5 && qmailctl start > systemctl restart dovecot > fi > > echo "Done..." > exit 0 > > </le> > > > > In crontab > > @daily /my/dir/path/le > > > On 5/12/2021 5:34 AM, CarlC Internet Services Service Desk wrote: >> Remo, >> >> I use LetsEncrypt, but I tell everyone who uses the service to use >> “secure.carlc.com” as the email server name. This causes the IMAP SSL to >> match up with the FQDN they are looking for. I never have an issue when >> LetsEncrypt does it automatic update [which is every 60 days as recommended >> by LetsEncrypt’s certbot] and the customer never gets a SSL cert mismatch. >> >> Carl >> >> From: Remo Mattei [mailto:[email protected]] >> Sent: Tuesday, May 11, 2021 09:07 PM >> To: [email protected] >> Subject: Re: [qmailtoaster] Certificate >> >> Yes the thing is 10 dollars for 2 years nothing to change whereas, >> letencrypt, need to change every 90 days and IMAP will prompt you for a new >> cert.. not ideal for customers if you do for your personal servers then >> that’s good. >> >> Remo >> >> >> On May 11, 2021, at 4:04 PM, Rodrigo Cortes <[email protected]> wrote: >> >> Hi! >> >> Use letencrypt, is free :) >> >> El mar, 11 may 2021 a las 18:49, <[email protected]> escribió: >> Ssls.com >> >> > Il giorno 11 mag 2021, alle ore 15:03, Scott Hughes >> > <[email protected]> ha scritto: >> > >> > Where is the cheapest place to get a certificate for my server. The >> > server is in the USA if that matters. Thank you! >> > --------------------------------------------------------------------- >> > To unsubscribe, e-mail: [email protected] >> > For additional commands, e-mail: [email protected] >> > >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >>
