Hi Ante and thanks for this bug report. According to what I see in the scripts
the certs gets copied over: it happens via /lib/systemd/system/postfix@.service
which has this
ExecStartPre directive:
ExecStartPre=/usr/lib/postfix/configure-instance.sh %i
and configure-instance.sh copies the certs in the chroot when postfix is
(re)started. I tested this on Focal and it works as intended.
However I don't see any mechanism that reloads Postfix after update-ca-
certificate is called, so it may make sense to add a reload hook in /etc
/ca-certificates/update.d/.
Would this explain the issue you hit and that made you file this bug
report, or do you think there's something going wrong and the certs do
not get copied over? Do you agree a reload hook would be the correct fix
here?
** Changed in: postfix (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1915238
Title:
warning: /var/spool/postfix/etc/ssl/certs/ca-certificates.crt and
/etc/ssl/certs/ca-certificates.crt differ
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1915238/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
