Letsencrypt/OpenSSL test - Verify return code: 21
Oscar del Rio
delrio at mie.utoronto.ca
Mon Apr 12 21:38:52 EEST 2021
On 2021-04-10 12:09 p.m., Brady Shea wrote:
>
> I finally 'fixed' it myself by using the LE 'fullchain.pem'
> certificate as the location for the 'ssl_cert' entry (and chain.pem
> for the ca entry). Previously, it was using the normal cert.pem file
> location. This is still the way it's setup on the other older machine
> and still works fine. Changes-
>
> |ssl_ca = </etc/letsencrypt/live/{CertName}/chain.pem (or
> 'fullchain.pem' should work) *ssl_cert =
> </etc/letsencrypt/live/{CertName}/fullchain.pem* (was 'cert.pem'
> previously) ssl_key = </etc/letsencrypt/live/{CertName}/privkey.pem|
/etc/letsencrypt/live/README:
`[cert name]/privkey.pem` : the private key for your certificate.
`[cert name]/fullchain.pem`: the certificate file used in most server
software.
`[cert name]/chain.pem` : used for OCSP stapling in Nginx >=1.3.7.
`[cert name]/cert.pem` : will break many server configurations, and
should not be used
without reading further documentation
More information about the dovecot
mailing list