[BlueOnyx:25146] Let's Encrypt CA cert expiry - permanent fix published
Michael Stauber
mstauber at blueonyx.it
Thu Sep 30 15:14:39 -05 2021
Hi all,
In response to [BlueOnyx:25128] (and following) I just published YUM
updates for BlueOnyx 5209R and 5210R:
Code changes in SVN:
https://devel.blueonyx.it/trac/changeset?reponame=&new=4194%40%2F&old=4189%40%2F
base-email:
============
Modified glue/handlers/copy_certs.pl to conditionally merge ca-cert into
dovecot.pem - provided we have intermediates.
This takes care of the fact that Dovecot doesn't use the intermediate
ca.pem (via the "ssl_ca" line) when Dovecot acts as a server. Merging
the ca.pem into dovecot.pem helps us to get around that.
base-ssl:
==========
Updated ACME to the latest version (3.0.1), added requirement for the
"socat" RPM (now required by ACME) and automatically set ACME's
default-ca to "letsencrypt" to use the new LE API URLs.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list