On the SSL page for the CENTOS 7 LetsEncrypt install, #3 C & D reads: - Add to Apache Virtual CentOS 6 & 7
SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/mydomain.com/fullchain.pem - Add to Dovecot CentOS 6 & 7 ssl_cert = </etc/letsencrypt/live/mydomain.com/fullchain.pem ssl_key = </etc/letsencrypt/live/mydomain.com/privkey.pem - It's been a LOOOOOONG time since I've done this and don't recognize what this means. Thanks in advance! On Thu, May 13, 2021 at 1:54 PM Eric Broch <[email protected]> wrote: > Here's the link > > https://www.qmailtoaster.org/ssl.html > On 5/13/2021 11:04 AM, Scott Hughes wrote: > > Is there a howto or a page that details how to properly install the > certificate I purchased? Thanks! > > On May 12, 2021, at 11:29, Eric Broch <[email protected]> > <[email protected]> wrote: > > > > Here's my auto renew script: > > <le> > > #!/bin/bash > > # When to renew, days before expiration > days=3 > > today=`date` > today=`date --date="$today" --utc +%s` > > # FQDN for which to renew certificate > fqdn=host.domain.tld > certfile=/etc/letsencrypt/live/$fqdn/fullchain.pem > exp=`openssl x509 -dates -noout < $certfile | grep notAfter | sed > 's/notAfter=//'` > off=`date --date="$exp" --utc +%s` > diff=$(( (off - today)/86400 )) > echo "Certificate for FQDN $fqdn expires in $diff day(s)" > > # Renew if we're within the days parameter > if [ $diff -le $days ] > then > echo "Renew certificate $fqdn ..." > certbot renew --cert-name $fqdn > echo "Reload httpd..." > systemctl reload httpd > systemctl status httpd > echo "Install certificate for QMT..." > cat /etc/letsencrypt/live/$fqdn/privkey.pem > /etc/letsencrypt/live/$fqdn/fullchain.pem > /my/dir/path/servercert.pem > cp -p /var/qmail/control/servercert.pem > /var/qmail/control/servercert.pem.bak > cp /my/dir/path/servercert.pem /var/qmail/control/servercert.pem > qmailctl stop && sleep 5 && qmailctl start > systemctl restart dovecot > fi > > echo "Done..." > > exit 0 > > </le> > > > In crontab > > @daily /my/dir/path/le > > On 5/12/2021 5:34 AM, CarlC Internet Services Service Desk wrote: > > Remo, > > > > I use LetsEncrypt, but I tell everyone who uses the service to use “ > secure.carlc.com” as the email server name. This causes the IMAP SSL to > match up with the FQDN they are looking for. I never have an issue when > LetsEncrypt does it automatic update [which is every 60 days as recommended > by LetsEncrypt’s certbot] and the customer never gets a SSL cert mismatch. > > > > Carl > > > > *From:* Remo Mattei [mailto:[email protected] <[email protected]>] > *Sent:* Tuesday, May 11, 2021 09:07 PM > *To:* [email protected] > *Subject:* Re: [qmailtoaster] Certificate > > > > Yes the thing is 10 dollars for 2 years nothing to change whereas, > letencrypt, need to change every 90 days and IMAP will prompt you for a new > cert.. not ideal for customers if you do for your personal servers then > that’s good. > > > > Remo > > > > On May 11, 2021, at 4:04 PM, Rodrigo Cortes <[email protected]> wrote: > > > > Hi! > > > > Use letencrypt, is free :) > > > > El mar, 11 may 2021 a las 18:49, <[email protected]> escribió: > > Ssls.com > > > Il giorno 11 mag 2021, alle ore 15:03, Scott Hughes < > [email protected]> ha scritto: > > > > Where is the cheapest place to get a certificate for my server. The > server is in the USA if that matters. Thank you! > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > >
