Thanks!
> On May 13, 2021, at 13:54, Eric Broch <[email protected]> wrote: > > > Here's the link > > https://www.qmailtoaster.org/ssl.html > > On 5/13/2021 11:04 AM, Scott Hughes wrote: >> Is there a howto or a page that details how to properly install the >> certificate I purchased? Thanks! >> >>> On May 12, 2021, at 11:29, Eric Broch <[email protected]> wrote: >>> >>> >>> Here's my auto renew script: >>> >>> <le> >>> >>> #!/bin/bash >>> >>> >>> # When to renew, days before expiration >>> days=3 >>> >>> today=`date` >>> today=`date --date="$today" --utc +%s` >>> >>> # FQDN for which to renew certificate >>> fqdn=host.domain.tld >>> certfile=/etc/letsencrypt/live/$fqdn/fullchain.pem >>> exp=`openssl x509 -dates -noout < $certfile | grep notAfter | sed >>> 's/notAfter=//'` >>> off=`date --date="$exp" --utc +%s` >>> diff=$(( (off - today)/86400 )) >>> echo "Certificate for FQDN $fqdn expires in $diff day(s)" >>> >>> # Renew if we're within the days parameter >>> if [ $diff -le $days ] >>> then >>> echo "Renew certificate $fqdn ..." >>> certbot renew --cert-name $fqdn >>> echo "Reload httpd..." >>> systemctl reload httpd >>> systemctl status httpd >>> echo "Install certificate for QMT..." >>> cat /etc/letsencrypt/live/$fqdn/privkey.pem >>> /etc/letsencrypt/live/$fqdn/fullchain.pem > /my/dir/path/servercert.pem >>> cp -p /var/qmail/control/servercert.pem >>> /var/qmail/control/servercert.pem.bak >>> cp /my/dir/path/servercert.pem /var/qmail/control/servercert.pem >>> qmailctl stop && sleep 5 && qmailctl start >>> systemctl restart dovecot >>> fi >>> >>> echo "Done..." >>> exit 0 >>> >>> </le> >>> >>> >>> >>> In crontab >>> >>> @daily /my/dir/path/le >>> >>> >>> On 5/12/2021 5:34 AM, CarlC Internet Services Service Desk wrote: >>>> Remo, >>>> >>>> I use LetsEncrypt, but I tell everyone who uses the service to use >>>> “secure.carlc.com” as the email server name. This causes the IMAP SSL to >>>> match up with the FQDN they are looking for. I never have an issue when >>>> LetsEncrypt does it automatic update [which is every 60 days as >>>> recommended by LetsEncrypt’s certbot] and the customer never gets a SSL >>>> cert mismatch. >>>> >>>> Carl >>>> >>>> From: Remo Mattei [mailto:[email protected]] >>>> Sent: Tuesday, May 11, 2021 09:07 PM >>>> To: [email protected] >>>> Subject: Re: [qmailtoaster] Certificate >>>> >>>> Yes the thing is 10 dollars for 2 years nothing to change whereas, >>>> letencrypt, need to change every 90 days and IMAP will prompt you for a >>>> new cert.. not ideal for customers if you do for your personal servers >>>> then that’s good. >>>> >>>> Remo >>>> >>>> >>>> On May 11, 2021, at 4:04 PM, Rodrigo Cortes <[email protected]> wrote: >>>> >>>> Hi! >>>> >>>> Use letencrypt, is free :) >>>> >>>> El mar, 11 may 2021 a las 18:49, <[email protected]> escribió: >>>> Ssls.com >>>> >>>> > Il giorno 11 mag 2021, alle ore 15:03, Scott Hughes >>>> > <[email protected]> ha scritto: >>>> > >>>> > Where is the cheapest place to get a certificate for my server. The >>>> > server is in the USA if that matters. Thank you! >>>> > --------------------------------------------------------------------- >>>> > To unsubscribe, e-mail: [email protected] >>>> > For additional commands, e-mail: [email protected] >>>> > >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>>
