I run updcert.sh every night (set 'days=X', which is the number of days
before expiration at which time the certificate will be updated):
cat updcert.sh <<EOL
#!/bin/bash
mailcert () {
cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
/etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem > ./servercert.pem
cp -p /var/qmail/control/servercert.pem
/var/qmail/control/servercert.pem.bak
cp ./servercert.pem /var/qmail/control/servercert.pem
systemctl reload dovecot
qmailctl stop && sleep 2 && qmailctl start
}
LOG=/var/log/certs.log
days=3
today=`date`
today=`date --date="$today" --utc +%s`
certdir=/etc/letsencrypt/live
certfile=fullchain.pem
for certdom in `ls $certdir`
do
exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep
notAfter | sed 's/notAfter=//'`
off=`date --date="$exp" --utc +%s`
diff=$(( (off - today)/86400 ))
echo "Certificate Domain: $certdom, Days to expire: $diff"
echo ""
if [ $diff -le $days ]
then
certbot renew --cert-name $certdom
systemctl reload httpd
[ "$certdom" = "mail.whitehorsetc.com" ] && mailcert
fi
done
exit 0
EOL
On 4/27/2022 1:07 PM, Remo Mattei wrote:
Hi David, can you share your config maybe I ping you offlinee.
Remo
On Apr 26, 2022, at 23:55, David Bray <da...@brayworth.com> wrote:
I'm using Letsencrypt and it renews every - well not sure, is it 10/11 weeks -
the certs are valid for 3 months
It never has an issue with iOS
Cheers
David Bray
e. da...@brayworth.com
April 27, 2022 1:47 AM, "Remo Mattei" <r...@mattei.org> wrote:
Hello guys,
I got a few of my customers that every year after the upgrade of the SSL cert
do have issues and
shows cert expired or not valid. I did not have the issue on my iOS, but I just
wonder if anyone
has seen that and how they planned to overcome to this issue.
Thanks,
Remo
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com