Thank you!
> On Apr 27, 2022, at 13:43, Eric Broch <ebr...@whitehorsetc.com> wrote:
>
> This is the correct procedure for creating file updcerts.sh :
>
> cat <<'EOL'>> updcerts.sh
> #!/bin/bash
>
> mailcert () {
> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem > ./servercert.pem
> cp -p /var/qmail/control/servercert.pem
> /var/qmail/control/servercert.pem.bak
> cp ./servercert.pem /var/qmail/control/servercert.pem
> systemctl reload dovecot
> qmailctl stop && sleep 2 && qmailctl start
> }
>
> LOG=/var/log/certs.log
> days=3
> today=`date`
> today=`date --date="$today" --utc +%s`
> certdir=/etc/letsencrypt/live
> certfile=fullchain.pem
>
> for certdom in `ls $certdir`
> do
> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep
> notAfter | sed 's/notAfter=//'`
> off=`date --date="$exp" --utc +%s`
> diff=$(( (off - today)/86400 ))
> echo "Certificate Domain: $certdom, Days to expire: $diff"
> echo ""
> if [ $diff -le $days ]
> then
> certbot renew --cert-name $certdom
> systemctl reload httpd
> [ "$certdom" = "mail.whitehorsetc.com" ] && mailcert
> fi
> done
> exit 0
> EOL
>
> On 4/27/2022 2:18 PM, Eric Broch wrote:
>> I run updcert.sh every night (set 'days=X', which is the number of days
>> before expiration at which time the certificate will be updated):
>>
>> cat updcert.sh <<EOL
>>
>> #!/bin/bash
>>
>> mailcert () {
>> cat /etc/letsencrypt/live/mail.whitehorsetc.com/privkey.pem
>> /etc/letsencrypt/live/mail.whitehorsetc.com/fullchain.pem > ./servercert.pem
>> cp -p /var/qmail/control/servercert.pem
>> /var/qmail/control/servercert.pem.bak
>> cp ./servercert.pem /var/qmail/control/servercert.pem
>> systemctl reload dovecot
>> qmailctl stop && sleep 2 && qmailctl start
>> }
>>
>> LOG=/var/log/certs.log
>> days=3
>>
>> today=`date`
>> today=`date --date="$today" --utc +%s`
>> certdir=/etc/letsencrypt/live
>> certfile=fullchain.pem
>>
>> for certdom in `ls $certdir`
>> do
>> exp=`openssl x509 -dates -noout < $certdir/$certdom/$certfile | grep
>> notAfter | sed 's/notAfter=//'`
>> off=`date --date="$exp" --utc +%s`
>> diff=$(( (off - today)/86400 ))
>> echo "Certificate Domain: $certdom, Days to expire: $diff"
>> echo ""
>> if [ $diff -le $days ]
>> then
>> certbot renew --cert-name $certdom
>> systemctl reload httpd
>> [ "$certdom" = "mail.whitehorsetc.com" ] && mailcert
>> fi
>> done
>>
>> exit 0
>>
>> EOL
>>
>> On 4/27/2022 1:07 PM, Remo Mattei wrote:
>>> Hi David, can you share your config maybe I ping you offlinee.
>>>
>>> Remo
>>>
>>>> On Apr 26, 2022, at 23:55, David Bray <da...@brayworth.com> wrote:
>>>>
>>>> I'm using Letsencrypt and it renews every - well not sure, is it 10/11
>>>> weeks - the certs are valid for 3 months
>>>>
>>>> It never has an issue with iOS
>>>>
>>>> Cheers
>>>>
>>>> David Bray
>>>> e. da...@brayworth.com
>>>>
>>>> April 27, 2022 1:47 AM, "Remo Mattei" <r...@mattei.org> wrote:
>>>>
>>>>> Hello guys,
>>>>> I got a few of my customers that every year after the upgrade of the SSL
>>>>> cert do have issues and
>>>>> shows cert expired or not valid. I did not have the issue on my iOS, but
>>>>> I just wonder if anyone
>>>>> has seen that and how they planned to overcome to this issue.
>>>>>
>>>>> Thanks,
>>>>> Remo
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
