Thank you! > On Apr 27, 2022, at 13:43, Eric Broch <ebr...@whitehorsetc.com> wrote: > > This is the correct procedure for creating file updcerts.sh : > > cat <<'EOL'>> updcerts.sh > #!/bin/bash > > mailcert () { > cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem > /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem > ./servercert.pem > cp -p /var/qmail/control/servercert.pem > /var/qmail/control/servercert.pem.bak > cp ./servercert.pem /var/qmail/control/servercert.pem > systemctl reload dovecot > qmailctl stop && sleep 2 && qmailctl start > } > > LOG=/var/log/certs.log > days=3 > today=`date` > today=`date --date="$today" --utc +%s` > certdir=/etc/letsencrypt/live > certfile=fullchain.pem > > for certdom in `ls $certdir` > do > exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep > notAfter | sed 's/notAfter=//'` > off=`date --date="$exp" --utc +%s` > diff=$(( (off - today)/86400 )) > echo "Certificate Domain: $certdom, Days to expire: $diff" > echo "" > if [ $diff -le $days ] > then > certbot renew --cert-name $certdom > systemctl reload httpd > [ "$certdom" = "mail.whitehorsetc.com" ] && mailcert > fi > done > exit 0 > EOL > > On 4/27/2022 2:18 PM, Eric Broch wrote: >> I run updcert.sh every night (set 'days=X', which is the number of days >> before expiration at which time the certificate will be updated): >> >> cat updcert.sh <<EOL >> >> #!/bin/bash >> >> mailcert () { >> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem >> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem > ./servercert.pem >> cp -p /var/qmail/control/servercert.pem >> /var/qmail/control/servercert.pem.bak >> cp ./servercert.pem /var/qmail/control/servercert.pem >> systemctl reload dovecot >> qmailctl stop && sleep 2 && qmailctl start >> } >> >> LOG=/var/log/certs.log >> days=3 >> >> today=`date` >> today=`date --date="$today" --utc +%s` >> certdir=/etc/letsencrypt/live >> certfile=fullchain.pem >> >> for certdom in `ls $certdir` >> do >> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep >> notAfter | sed 's/notAfter=//'` >> off=`date --date="$exp" --utc +%s` >> diff=$(( (off - today)/86400 )) >> echo "Certificate Domain: $certdom, Days to expire: $diff" >> echo "" >> if [ $diff -le $days ] >> then >> certbot renew --cert-name $certdom >> systemctl reload httpd >> [ "$certdom" = "mail.whitehorsetc.com" ] && mailcert >> fi >> done >> >> exit 0 >> >> EOL >> >> On 4/27/2022 1:07 PM, Remo Mattei wrote: >>> Hi David, can you share your config maybe I ping you offlinee. >>> >>> Remo >>> >>>> On Apr 26, 2022, at 23:55, David Bray <da...@brayworth.com> wrote: >>>> >>>> I'm using Letsencrypt and it renews every - well not sure, is it 10/11 >>>> weeks - the certs are valid for 3 months >>>> >>>> It never has an issue with iOS >>>> >>>> Cheers >>>> >>>> David Bray >>>> e. da...@brayworth.com >>>> >>>> April 27, 2022 1:47 AM, "Remo Mattei" <r...@mattei.org> wrote: >>>> >>>>> Hello guys, >>>>> I got a few of my customers that every year after the upgrade of the SSL >>>>> cert do have issues and >>>>> shows cert expired or not valid. I did not have the issue on my iOS, but >>>>> I just wonder if anyone >>>>> has seen that and how they planned to overcome to this issue. >>>>> >>>>> Thanks, >>>>> Remo >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >>>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >>>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com >
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com