On Tue, 11 Oct 2022 16:37:44 -0400 Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
> > Do I have to worry? > > If Android clients aren't a concern for your MTA, you should perhaps > configure your ACME client (e.g. certbot) to build a chain file without > the cross certificate. Details on the letsencrypt.org website: > > https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ > https://community.letsencrypt.org/t/production-chain-changes/150739 > https://community.letsencrypt.org/t/certbot-1-6-0-release/127841 > > So at least once: > > # certbot renew --preferred-chain "ISRG Root X1" --force-renew Many thanks Viktor! I use le.pl and I had to upgrade to last version (0.38) and added --alternative 1 to the arguments. Seems to have done thw trick... Thanks again, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 02485781 FAX: +39 0248028247 X AGAINST HTML MAIL / E-MAIL: posthams...@sublink.sublink.org / \ AND POSTINGS / WWW: http://www.lesassaie.IT/
