A message appeared on a user's PC indicating the security certificate had expired for moonpoint.com today. The message came from Microsoft Outlook on her system. But when I checked the status of the system's security certificate in a browser by visiting moonpoint.com in the browser, it was still showing as valid until Friday, May 17, 2024 at 12:02:51 AM. I thought the email server software, Dovecot, running on the server was using the same security certificate as the Apache webserver. When I viewed the
SSLCertificateFile
and SSLCertificateChainFile lines in the Apache configuration file,
/etc/httpd/conf/httpd.conf, I saw they were pointing to the
following .pem files (.pem stands for
"Privacy-Enhanced
Mail" and a .pem file holds a security certificate).
SSLCertificateFile /etc/letsencrypt/live/support.moonpoint.com-0001/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/support.moonpoint.com-0001/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/support.moonpoint.com-0001/chain.pem
When I checked the expiration of that security certificate, I saw it was valid until May 17.
# openssl x509 -enddate -noout -in /etc/letsencrypt/live/support.moonpoint.com-0001/cert.pem notAfter=May 17 04:02:51 2024 GMT #
You can determine the location of the .pem file used by Dovecot by
looking for the ssl_cert variable in
/etc/dovecot/conf.d/10-ssl.conf.
[ More Info ]
