As it turns out my cert was renewed Oct 3. I usually don't reply to these "lists" from my phone since I risk the wrath of people who hate top posting. I usually reply from a Linux desktop, not the phone, where I can bottom post. 

All that said, my phone mail client asked me if I trusted the cert. It was the latest cert since it matches the date on my website. 

To be fair, I did a backup of the server on the 4th which involved a reboot, which would have loaded a new cert. But I can't possibly be that fortunate all the time. 

In need to look at that bash script that renews the cert. Maybe it forces a systemctl reload. 

I could never get that Python LetsEncrypt code to work on Centos. The LetsEncrypt forum suggested the bash script. 

https://github.com/acmesh-official/acme.sh



From: reio@mrstuudio.ee
Sent: October 9, 2020 2:57 AM
To: dovecot@dovecot.org
Subject: Re: Feature request.

On 09/10/2020 12:52, lists wrote:
I have to say I'm totally baffled since I do nothing when LetsEncrypt renews the certificate. 

I know the cert has been updated because the mail clients asks me if I trust the certificate.

Curious. The mail clients really shouldn't ask anything when encountering a valid certificate.

Are you sure the client isn't asking you to trust an expired certificate?

Reio