I have to say I'm totally baffled since I do nothing when LetsEncrypt renews the certificate.
I know the cert has been updated because the mail clients asks me if I trust the certificate.
If it makes a difference I use the bash LetsEncrypt not the Python code.
Original Message From: reio@mrstuudio.ee Sent: October 9, 2020 1:55 AM To: dovecot@dovecot.org Subject: Re: Feature request.
On 09/10/2020 11:50, Plutocrat wrote:
On 09/10/2020 4:16 pm, Rogier Wolff wrote:
It turns out that dovecot had been running uninterrupted since august 13th, the certificate was renewed on september 7th and I suspect it expired on october 7th. I guess you could do a few things yourself to make sure the cert is valid. Thinking out loud:
- Blunt instrument approach: Just restart/reload Dovecot once a week via a cron job. Letsencrypt will renew certs with less than 15 days to go, so once a week should catch it.
If you're using Let's Encrypt, then at least the certbot client has renewal hooks that you can use to run dovecot reload etc.
Good luck! Reio