[BlueOnyx:25500] Re: TLS certificate didn't update on Postfix 5210R
Michael Stauber
mstauber at blueonyx.it
Thu Jul 7 18:39:00 -05 2022
Hi Gen Tobimatsu,
> Let's encrypt cert updated on web dovecot, but postfix didn't.
> I tried to switch to sendmail.
> But switch back to postfix, then it used old certificate?
I had to check this out myself and I'm not yet entirely sure what the
issue was, but I have an idea.
> main.cf:smtp_tls_CApath = /etc/pki/tls/certs
> main.cf:smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
The above is fine, because that's for the CA certs, not the AdmServ or
Vsite certs.
Try this:
rm -f /etc/postfix/vsite_ssl.map
systemctl restart postfix
I believe that should fix the issue. Please try it out and let us know.
Alternatively: If you use an LE cert for the GUI itself, force a renewal
of this cert (or request a new one) and that also should fix the issue.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list