Feature request.
Rogier Wolff
R.E.Wolff at BitWizard.nl
Fri Oct 9 11:16:49 EEST 2020
Hi,
I get my Email from my own SMTP server on the internet using
"fetchmail". Some time ago I did the smart thing and configured
dovecot to use SSL and the letsencrypt certificate that automatically
renews.
Welllll..... a few days ago my certificate expired and the fetchmail
deamon running in the background had nowhere to complain. So I didn't
notice.
It turns out that dovecot had been running uninterrupted since august
13th, the certificate was renewed on september 7th and I suspect it
expired on october 7th.
So.... Feature request: check the expiry date on the SSL certificate
as it is being loaded and check for a new certificate if it HAS
expired.
If you worry about performance, this could be done where:
TLS handshaking: SSL_accept() failed: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired: SSL alert number 45
is reported. That would mean that ONE client will once get the error
before dovecot fixes it. My personal fix is to restart dovecot once a
week from now on.
I might be running an older version:
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 4.15.0-34-generic x86_64 Ubuntu 18.04.5 LTS
if it has already been fixed, please accept my apologies.
Roger.
--
** R.E.Wolff at BitWizard.nl ** https://www.BitWizard.nl/ ** +31-15-2049110 **
** Delftechpark 11 2628 XJ Delft, The Netherlands. KVK: 27239233 **
f equals m times a. When your f is steady, and your m is going down
your a is going up. -- Chris Hadfield about flying up the space shuttle.
More information about the dovecot
mailing list