Renewal of Let's Encrypt Certificates in Dovecot
Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal...
Has anybody had any experience with that?
Thanks so much for your help!
Ignacio
On 11/10/2018 11:55, Ignacio Garcia wrote:
Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal...
A reload will suffice.
Good luck, Reio
El jue., 11 oct. 2018 a las 10:58, Reio Remma (reio@mrstuudio.ee) escribió:
On 11/10/2018 11:55, Ignacio Garcia wrote:
Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal...
A reload will suffice.
Thanks Reio for your quick answer.
Then is it that reload mandatory? What I need to know is if I dovecot can cope with that certificate renewal without the need of any sysadmin intervention or automated script after that renewal.
Thanks
Ignacio
Am 11.10.2018 um 11:05 schrieb Ignacio Garcia:
El jue., 11 oct. 2018 a las 10:58, Reio Remma (reio@mrstuudio.ee) escribió:
On 11/10/2018 11:55, Ignacio Garcia wrote:
Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal...
A reload will suffice.
Thanks Reio for your quick answer.
Then is it that reload mandatory? What I need to know is if I dovecot can cope with that certificate renewal without the need of any sysadmin intervention or automated script after that renewal.
You can add a POST_HOOK to Certbot (or whatever you are using) to reload Dovecot after certificates have been renewed. No need for manual intervention.
-- Alex JOST
From my experience, restart is required.
On Debian Strech, I edited cron job to:
certbot -q renew --renew-hook 'service dovecot restart' --renew-hook 'service postfix reload'
Milo
Dne 2018-10-11 v 10:55 Ignacio Garcia napsal(a):
Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal...
Has anybody had any experience with that?
Thanks so much for your help!
Ignacio
On Thu, 11 Oct 2018 12:39:07 +0200, Miloslav Hůla stated:
Dne 2018-10-11 v 10:55 Ignacio Garcia napsal(a):
Hi there. I've been using Dovecot for quite some time now but I just started using Let's Encrypt certs. Since LE certs are renewed automatically without user intervention I'm wondering if I will need to restart dovecot after that renewal...
Has anybody had any experience with that?
Thanks so much for your help!
Ignacio
From my experience, restart is required.
On Debian Strech, I edited cron job to:
certbot -q renew --renew-hook 'service dovecot restart' --renew-hook 'service postfix reload'
Milo
This works fine for me:
certbot renew --deploy-hook "service dovecot restart"
-- Jerry
participants (5)
-
Alex JOST
-
Ignacio Garcia
-
Jerry
-
Miloslav Hůla
-
Reio Remma