You could, after creating the /var/qmail/control/servercert.pem, point dovecot's ssl_cert & ssl_key to it.
On May 19, 2021, 11:26 AM, at 11:26 AM, Scott Hughes <sonicscott9...@gmail.com> wrote: >On the SSL page for the CENTOS 7 LetsEncrypt install, #3 C & D reads: > >- Add to Apache Virtual CentOS 6 & 7 > > SSLCertificateFile /etc/letsencrypt/live/mydomain.com/cert.pem > SSLCertificateKeyFile /etc/letsencrypt/live/mydomain.com/privkey.pem >SSLCertificateChainFile >/etc/letsencrypt/live/mydomain.com/fullchain.pem > >- Add to Dovecot CentOS 6 & 7 > > ssl_cert = </etc/letsencrypt/live/mydomain.com/fullchain.pem > ssl_key = </etc/letsencrypt/live/mydomain.com/privkey.pem > >- > >It's been a LOOOOOONG time since I've done this and don't recognize >what this means. Thanks in advance! > > >On Thu, May 13, 2021 at 1:54 PM Eric Broch <ebr...@whitehorsetc.com> >wrote: > >> Here's the link >> >> https://www.qmailtoaster.org/ssl.html >> On 5/13/2021 11:04 AM, Scott Hughes wrote: >> >> Is there a howto or a page that details how to properly install the >> certificate I purchased? Thanks! >> >> On May 12, 2021, at 11:29, Eric Broch <ebr...@whitehorsetc.com> >> <ebr...@whitehorsetc.com> wrote: >> >> >> >> Here's my auto renew script: >> >> <le> >> >> #!/bin/bash >> >> # When to renew, days before expiration >> days=3 >> >> today=`date` >> today=`date --date="$today" --utc +%s` >> >> # FQDN for which to renew certificate >> fqdn=host.domain.tld >> certfile=/etc/letsencrypt/live/$fqdn/fullchain.pem >> exp=`openssl x509 -dates -noout < $certfile | grep notAfter | sed >> 's/notAfter=//'` >> off=`date --date="$exp" --utc +%s` >> diff=$(( (off - today)/86400 )) >> echo "Certificate for FQDN $fqdn expires in $diff day(s)" >> >> # Renew if we're within the days parameter >> if [ $diff -le $days ] >> then >> echo "Renew certificate $fqdn ..." >> certbot renew --cert-name $fqdn >> echo "Reload httpd..." >> systemctl reload httpd >> systemctl status httpd >> echo "Install certificate for QMT..." >> cat /etc/letsencrypt/live/$fqdn/privkey.pem >> /etc/letsencrypt/live/$fqdn/fullchain.pem > >/my/dir/path/servercert.pem >> cp -p /var/qmail/control/servercert.pem >> /var/qmail/control/servercert.pem.bak >> cp /my/dir/path/servercert.pem /var/qmail/control/servercert.pem >> qmailctl stop && sleep 5 && qmailctl start >> systemctl restart dovecot >> fi >> >> echo "Done..." >> >> exit 0 >> >> </le> >> >> >> In crontab >> >> @daily /my/dir/path/le >> >> On 5/12/2021 5:34 AM, CarlC Internet Services Service Desk wrote: >> >> Remo, >> >> >> >> I use LetsEncrypt, but I tell everyone who uses the service to use “ >> secure.carlc.com” as the email server name. This causes the IMAP SSL >to >> match up with the FQDN they are looking for. I never have an issue >when >> LetsEncrypt does it automatic update [which is every 60 days as >recommended >> by LetsEncrypt’s certbot] and the customer never gets a SSL cert >mismatch. >> >> >> >> Carl >> >> >> >> *From:* Remo Mattei [mailto:r...@mattei.org <r...@mattei.org>] >> *Sent:* Tuesday, May 11, 2021 09:07 PM >> *To:* qmailtoaster-list@qmailtoaster.com >> *Subject:* Re: [qmailtoaster] Certificate >> >> >> >> Yes the thing is 10 dollars for 2 years nothing to change whereas, >> letencrypt, need to change every 90 days and IMAP will prompt you for >a new >> cert.. not ideal for customers if you do for your personal servers >then >> that’s good. >> >> >> >> Remo >> >> >> >> On May 11, 2021, at 4:04 PM, Rodrigo Cortes <rap...@gmail.com> wrote: >> >> >> >> Hi! >> >> >> >> Use letencrypt, is free :) >> >> >> >> El mar, 11 may 2021 a las 18:49, <r...@mattei.org> escribió: >> >> Ssls.com >> >> > Il giorno 11 mag 2021, alle ore 15:03, Scott Hughes < >> sonicscott9...@gmail.com> ha scritto: >> > >> > Where is the cheapest place to get a certificate for my server. >The >> server is in the USA if that matters. Thank you! >> > >--------------------------------------------------------------------- >> > To unsubscribe, e-mail: >qmailtoaster-list-unsubscr...@qmailtoaster.com >> > For additional commands, e-mail: >qmailtoaster-list-h...@qmailtoaster.com >> > >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: >qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: >qmailtoaster-list-h...@qmailtoaster.com >> >> >> >>
