8 Sep
2017
8 Sep
'17
9:21 p.m.
On 08.09.2017 19:51, @lbutlr wrote:
How I would do it is IF the certificate is expired, the dovecot should check if there is a new cert and if so, load it.
New cert as in file modification date or checksum changed? Might work. Still, from what I seem to remember, Dovecot loads certificate data before dropping privileges, which is why reloading the data might be problematic without some changes. Not worth spending development effort on, IMO, given that Dovecot can easily be restarted by the external processes that update the cert (like Certbot hook, Ansible, etc.).
-Ralph