LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
Reload this Page Postfix/Dovecot problem with Let`s encrypt certificate
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-22-2018, 10:53 AM   #1
theri0
LQ Newbie
 
Registered: Jan 2018
Posts: 3

Rep: Reputation: Disabled
Postfix/Dovecot problem with Let`s encrypt certificate

Cheers all, got question (could n`t find it anywhere) for IMAP;
Namely, thing is I get users running outlook (Thunderbird as well) getting these Certificate expired issues. All they can do is click Yes (Install, Accept, Yes) and all goes away. Mail client acts as nothing is wrong. Then I took a stroll trough Plesk admin and (there I have a module installed which enables me to renew mail cert) and I see that certificate shows as valid for another three months. Now...I can`t seem to find the expired certificate. My knowledge has made me to conclusion that it`s not postfix problem, rather Dovecot (as he is acting as an IMAP server, if my understanding is correct). Now, what bothers me is that, even tho this should prove to be a "piece of cake" for someone who has understanding of this - to me it is not. Not ye...hopefully one day. Does anyone has any advice? My idea is (if I`m correct), just use openssl to generate that friggin .pem file and place it wheer it should be, matching the path (or other way around). Help! And yes, mock me..I have spent couple of days browsing for solutions and that only fattened the possible solutions.

Thank you all in advance;

peace.
 
Old 01-22-2018, 01:14 PM   #2
sruckh
LQ Newbie
 
Registered: Nov 2003
Posts: 15

Rep: Reputation: 0
In my case I have both postfix and dovecot certs created and installed. Certificates are from using certbot, and are renewed every 90 days.

In my dovecot.conf file I have

ssl_cert = </path/to/fullchain.pem
ssl_key = </path/to/privkey.pem

Obviously those two files exist.

In my postfix main.cf file I have the following configuration items.

smtpd_tls_cert_file = /path/to/fullchain.pem
smtpd_tls_key_file = /path/to/privkey.pem

Again, both these files exist and were created with certbot.

Both the dovecot and postfix certs are different (although the example above makes it look like they are the same. my actual paths are different).

Hopefully that helps?
 
Old 01-22-2018, 04:01 PM   #3
theri0
LQ Newbie
 
Registered: Jan 2018
Posts: 3

Original Poster
Rep: Reputation: Disabled
Founded this:
--L_accept() failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown: SSL alert number 46, session--

But no obvious config missmatch. I`ll guess I just have to keep digging....
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
opensuse Leap apache2 postfix dovecot install fails "no server certificate installed" alavarre Linux - Server 1 05-13-2016 05:54 AM
[SOLVED] installing certificate with Let's Encrypt vincix Linux - Server 10 04-14-2016 12:12 PM
Multidomain Postfix/Dovecot vs. Let's Encrypt certificates kikinovak Slackware 11 04-03-2016 11:46 AM
problem with postfix and dovecot ayush1440 Linux - Server 1 02-01-2008 01:04 AM
Postfix > Dovecot problem cypsteel Linux - Server 0 12-31-2007 02:21 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 10:17 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration