MoonPoint Support Logo

 

Shop Amazon Warehouse Deals - Deep Discounts on Open-box and Used ProductsAmazon Warehouse Deals



Advanced Search
March
Sun Mon Tue Wed Thu Fri Sat
         
12
           
2024
Months
Mar
May Jun
Jul Aug Sep
Oct Nov Dec


Tue, Mar 12, 2024 11:35 pm

Renewing a Let's Encrypt Security certificate for Dovecot

A message appeared on a user's PC indicating the security certificate had expired for moonpoint.com today. The message came from Microsoft Outlook on her system. But when I checked the status of the system's security certificate in a browser by visiting moonpoint.com in the browser, it was still showing as valid until Friday, May 17, 2024 at 12:02:51 AM. I thought the email server software, Dovecot, running on the server was using the same security certificate as the Apache webserver. When I viewed the SSLCertificateFile and SSLCertificateChainFile lines in the Apache configuration file, /etc/httpd/conf/httpd.conf, I saw they were pointing to the following .pem files (.pem stands for "Privacy-Enhanced Mail" and a .pem file holds a security certificate).

SSLCertificateFile /etc/letsencrypt/live/support.moonpoint.com-0001/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/support.moonpoint.com-0001/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/support.moonpoint.com-0001/chain.pem

When I checked the expiration of that security certificate, I saw it was valid until May 17.

# openssl x509 -enddate -noout -in /etc/letsencrypt/live/support.moonpoint.com-0001/cert.pem
notAfter=May 17 04:02:51 2024 GMT
#

You can determine the location of the .pem file used by Dovecot by looking for the ssl_cert variable in /etc/dovecot/conf.d/10-ssl.conf.

[ More Info ]

[/network/email/dovecot] permanent link

Valid HTML 4.01 Transitional

Privacy Policy   Contact

Blosxom logo