MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
March
Sun Mon Tue Wed Thu Fri Sat
         
12
           
2024
Months
Mar
Dec


Tue, Mar 12, 2024 11:35 pm

Renewing a Let's Encrypt Security certificate for Dovecot

A message appeared on a user's PC indicating the security certificate had expired for moonpoint.com today. The message came from Microsoft Outlook on her system. But when I checked the status of the system's security certificate in a browser by visiting moonpoint.com in the browser, it was still showing as valid until Friday, May 17, 2024 at 12:02:51 AM. I thought the email server software, Dovecot, running on the server was using the same security certificate as the Apache webserver. When I viewed the SSLCertificateFile and SSLCertificateChainFile lines in the Apache configuration file, /etc/httpd/conf/httpd.conf, I saw they were pointing to the following .pem files (.pem stands for "Privacy-Enhanced Mail" and a .pem file holds a security certificate).

SSLCertificateFile /etc/letsencrypt/live/support.moonpoint.com-0001/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/support.moonpoint.com-0001/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/support.moonpoint.com-0001/chain.pem

When I checked the expiration of that security certificate, I saw it was valid until May 17.

# openssl x509 -enddate -noout -in /etc/letsencrypt/live/support.moonpoint.com-0001/cert.pem
notAfter=May 17 04:02:51 2024 GMT
#

You can determine the location of the .pem file used by Dovecot by looking for the ssl_cert variable in /etc/dovecot/conf.d/10-ssl.conf.

[ More Info ]

[/network/email/dovecot] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo