New installed SSL/TLS Certifcate

letsencrypt
mailserver

(Reggie Ho) #1

NethServer Version: 7.4.1708
Module: your_module

Recently I just updated the Server SSL/TLS certificate using Certbot function ( from letsencrypt ), the Server Certificate Information showed that the Certificate is installed with the new Correct Expiry Date…but when I log to my Email Server, it’s responded with the recent EXPIRED Certificate. I tried restart the server and even tried adjust the 10-ssl.conf file in Dovecot, the Expired Certificate still showed. I check the /etc/letsencrypt/live/domain/ folder, it has the correct, renewed cert.pem file.

Wondering if there’s some new changes or settings that I need to make in order for the renewed certificate to transfer to the email service in Nethserver ?


(Davide Principi) #2

Did you press “select as default”?

http://docs.nethserver.org/en/v7/base_system.html#server-certificate


(Reggie Ho) #3

Yes… the new renewed Certificate is set as DEFAULT… and showing the correct new expiry date as well.

I also did a search of the cert.pem in my server in command line… using " find " , I can see only one cert.pem file for the Server from letsencrypt, the other cert.pem files are not related.


(Reggie Ho) #4

Hmm I think I may have fixed it… I went to Server-Certicate and select “SHOW” option to view the Certificate Information and then select ‘Set as Default’ from that bottom of the page and that seen to work.

Previously I updated the Certificate and on the Server-Certicate Page … I dropped down the ACTION option and select DEFAULT option from there…doing that will not update the certificate infor to the email server.

( I don’t remember having to do this in previously update … maybe this old brain of mine is not functioning as well these days…)

Thanks… appreciate for your quick response.