On 2021-04-10 12:09 p.m., Brady Shea wrote:
I finally 'fixed' it myself by using the LE 'fullchain.pem'
certificate as the location for the 'ssl_cert' entry (and chain.pem
for the ca entry). Previously, it was using the normal cert.pem file
location. This is still the way it's setup on the
On 11/04/2021 01:04, @lbutlr wrote:
> On 10 Apr 2021, at 12:57, Juri Haberland wrote:
>> On 10/04/2021 19:52, @lbutlr wrote:
>>> On 10 Apr 2021, at 09:55, B Shea wrote:
OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020
>>>
>>> There have been a few critical patches to open SSL in
On 10 Apr 2021, at 12:57, Juri Haberland wrote:
> On 10/04/2021 19:52, @lbutlr wrote:
>> On 10 Apr 2021, at 09:55, B Shea wrote:
>>> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020
>>
>> There have been a few critical patches to open SSL in the last year,
>> including a very
On 10/04/2021 19:52, @lbutlr wrote:
> On 10 Apr 2021, at 09:55, B Shea wrote:
>> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020
>
> There have been a few critical patches to open SSL in the last year,
> including a very important one to 1.1.1k just recently.
>
> Not to do with
On 10 Apr 2021, at 09:55, B Shea wrote:
> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020
There have been a few critical patches to open SSL in the last year, including
a very important one to 1.1.1k just recently.
Not to do with your issue, but I suspect updating both openssl and
> On 10/04/2021 19:09 Brady Shea wrote:
>
>
> OS: Ubuntu 20.04.2 (on mutli-core VM)
> Dovecot (Ubuntu default/repo version): 2.3.7.2 (3c910f64b)
> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020
>
> Reproducing-
>
> Run: "openssl s_client -showcerts -connect
So it seems. Guess our certbot does not support post hook directories,
since it's not executing the hooks there.
Aki
On 12.09.2018 08:56, B. Reino wrote:
>
> FYI, it happened again :)
>
> On July 15, 2018 10:49:08 AM GMT+02:00, "B. Reino" wrote:
>> Dear Aki,
>>
>> I think the renewal failed
FYI, it happened again :)
On July 15, 2018 10:49:08 AM GMT+02:00, "B. Reino" wrote:
>Dear Aki,
>
>I think the renewal failed again. The SSL certificate expired Saturday,
>
>14 July 2018.
>
>This affects (at least) the repo.dovecot.org website and debian
>repository.
>
>Thanks,
>Bernardo.
>
ot;
> Date: 15/07/2018 11:49 (GMT+02:00)
> To: Aki Tuomi
> Cc: Dovecot Mailing List
> Subject: Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..
>
> Dear Aki,
>
> I think the renewal failed again. The SSL certificate expired Saturday,
> 14 July 2018.
&
certbot clearly hates me
---Aki TuomiDovecot oy
Original message From: "B. Reino" Date:
15/07/2018 11:49 (GMT+02:00) To: Aki Tuomi Cc: Dovecot
Mailing List Subject: Re: Letsencrypt certificate for
repo.dovecot.org expired May 14th..
Dear Aki,
I think the rene
Dear Aki,
I think the renewal failed again. The SSL certificate expired Saturday,
14 July 2018.
This affects (at least) the repo.dovecot.org website and debian
repository.
Thanks,
Bernardo.
On 2018-05-15 08:15, Aki Tuomi wrote:
On 15.05.2018 09:14, B. Reino wrote:
Dear all,
Just in
On Tue, 15 May 2018, Aki Tuomi wrote:
On 15.05.2018 09:14, B. Reino wrote:
Dear all,
Just in case you've missed it, the certificate for repo.dovecot.org
just expired yesterday.
This causes errors in e.g. apt-get update.
Thanks in advance for fixing it,
--
B. Reino
Seems something went
On 15.05.2018 09:14, B. Reino wrote:
> Dear all,
>
> Just in case you've missed it, the certificate for repo.dovecot.org
> just expired yesterday.
>
> This causes errors in e.g. apt-get update.
>
> Thanks in advance for fixing it,
>
> --
> B. Reino
Seems something went wrong during deployment,
On 04/03/17 04:07, David Mehler wrote:
With the web it was easy just let apache serve the token that
letsencrypt needed and I got certificates. How do I do this with
regards email?
I know there have been some answers to this already but FWIW I use
dehydrated directly from Github and this
Thanks. Is there another way of doing this? I've got a web server
running on 80 and 443. Are there any other options?
I'm getting this list in digest mode, so it's possible by the time this
gets to you, I will have repeated someone else' suggestion.
In this situation, where your dovecot
You can either drop the authentication token into /.wellknown on your
running server, or take down the server for a minute to run certbot
every couple months.
I'm not a fan of symlinks out of config directories and certainly not
across chroot / jail boundaries so I manually copy the certs into
David Mehler writes:
I'm wanting letsencrypt to take over as my CA, replacing existing self
signed certificates. I've got web working, a certificate for https
sites and one for webmail as they have different names. What I'm now
wanting to do is get letsencrypt going for
Hello,
Have you considered running getssl bash script?
It is well documented, self-updates automatically, supports https,
imaps, pop3s, ... and can push validation tokens to your web server
using rsync, ftp, ...
See https://github.com/srvrco/getssl/blob/master/README.md
Cheers
On 03/03/2017
Yes:
I'm using the acme.sh client, and I can do:
> acme.sh --issue --standalone -d example.com --httpport 88
It does what you'd expect: it runs using a small webserver on port 88
I only just discovered that option myself :-)
MJ
On 03/03/2017 08:22 PM, David Mehler wrote:
Hello,
Thanks. Is
Hello,
Thanks. Is there another way of doing this? I've got a web server
running on 80 and 443. Are there any other options?
Thanks.
Dave.
On 3/3/17, Michael Neurohr wrote:
> On 2017-03-03 19:07, David Mehler wrote:
>> Hello,
>>
>> I know some users here are using letsencrypt
On 2017-03-03 19:07, David Mehler wrote:
> Hello,
>
> I know some users here are using letsencrypt for their CA. If this is
> to off topic write me privately.
>
> I'm wanting letsencrypt to take over as my CA, replacing existing self
> signed certificates. I've got web working, a certificate for
You can also setup web server to handle auth for particular domain or
use certbot's standalone auth, but in that case, 80 or 443 port must be
free to allow certbot's temporary web server to run on that port.
--
KSB
On 2017.03.03. 20:08, Larry Rosenman wrote:
I have DNS setup as my auth, and
Hello,
Thanks, should have mentioned dns tokens are not possible in my situation.
Thanks.
Dave.
On 3/3/17, Larry Rosenman wrote:
> I have DNS setup as my auth, and use nsupdate to let it get the token.
>
>
>
> On 3/3/17, 12:07 PM, "dovecot on behalf of David Mehler"
>
I have DNS setup as my auth, and use nsupdate to let it get the token.
On 3/3/17, 12:07 PM, "dovecot on behalf of David Mehler"
wrote:
Hello,
I know some users here are using letsencrypt for their CA. If this is
24 matches
Mail list logo