Home
DevCentral
Search
Configure Global Search
Log In
Transactions
T2132
Change Details
Change Details
Old
New
Diff
Dovecot didn't have the new certificate but was still serving an old one, now expired. Check: `openssl s_client -connect mail.nasqueron.org:993 < /dev/null | openssl x509 -noout -subject -issuer -dates -serial` We solved that directly on the server doing those steps: - Dovecot configuration: update filename from privkey.pem to key.pem (Certbot -> acme.sh change) - Common group mail with 3 users: -- postfix (already set up) -- dovecot (to read key.pem) -- acme (so they can set the file with the right group) - Permissions: -- /var/certificates 700 -> 711 -- /var/certificates/mail.nasqueron.org group wheel -> mail -- /var/certificates/mail.nasqueron.org/key.pem chmod 600 -> 640 Salt configuration need to be updated accordingly.
Dovecot didn't have the new certificate but was still serving an old one, now expired. Check: `openssl s_client -connect mail.nasqueron.org:993 < /dev/null | openssl x509 -noout -subject -issuer -dates -serial` We solved that directly on the server doing those steps: - Dovecot configuration: update filename from privkey.pem to key.pem (Certbot -> acme.sh change) - Common group mail with 3 users: -- postfix (already set up) -- dovecot (to read key.pem) -- acme (so they can set the file with the right group) - Permissions: -- /var/certificates 700 -> 711 -- /var/certificates/mail.nasqueron.org group wheel -> mail, group chmod 700 -> 750 -- /var/certificates/mail.nasqueron.org/key.pem chmod 600 -> 640 Salt configuration need to be updated accordingly.
Dovecot didn't have the new certificate but was still serving an old one, now expired. Check: `openssl s_client -connect mail.nasqueron.org:993 < /dev/null | openssl x509 -noout -subject -issuer -dates -serial` We solved that directly on the server doing those steps: - Dovecot configuration: update filename from privkey.pem to key.pem (Certbot -> acme.sh change) - Common group mail with 3 users: -- postfix (already set up) -- dovecot (to read key.pem) -- acme (so they can set the file with the right group) - Permissions: -- /var/certificates 700 -> 711 -- /var/certificates/mail.nasqueron.org group wheel -> mail
, group chmod 700 -> 750
-- /var/certificates/mail.nasqueron.org/key.pem chmod 600 -> 640 Salt configuration need to be updated accordingly.
Continue