Re: how to setup IMAPs with letsencrypt

On Sun, 24 Apr 2022, ??? (alice) wrote: [Actually, I wrote] otherwise you'll have to use DNS challenge method to support multiple hostnames on the same certificate. do you know how to implement this? Others have pointed out resources, but at a very basic level, you'll need a scriptable way

Re: how to setup IMAPs with letsencrypt

On 24/04/22 13:14, ミユナ (alice) wrote: Richard Hector wrote: otherwise you'll have to use DNS challenge method to support multiple hostnames on the same certificate. Um, no I didn't. I replied to that. Please check your attributions :-) Cheers, Richard

Re: how to setup IMAPs with letsencrypt

On 24.04.22 02:45, Richard Hector wrote: On 22/04/22 11:57, Joseph Tam wrote: Keep in mind the subject name (CN or SAN AltNames) of your certificate must match your IMAP server name e.g. if your certificate is made for "www.mydomain.com", you'll have to configure your IMAP clients to also use "w

Re: how to setup IMAPs with letsencrypt

;s nothing else served on that domain (at the moment). I didn't want to mess with creating a web infrastructure for the usual web-based validation that is common with LE.  Getting that working for my services would be very messy.  So I use DNS validation with LetsEncrypt, and I have wildcards

Re: how to setup IMAPs with letsencrypt

thank you Jeremy. I will check out them. Jeremy Ardley wrote: https://www.digitalocean.com/community/tutorials/how-to-create-let-s-encrypt-wildcard-certificates-with-certbot This may be more helpful https://medium.com/@saurabh6790/generate-wildcard-ssl-certificate-using-lets-encrypt-certbot-

Re: how to setup IMAPs with letsencrypt

On 24/4/22 9:22 am, Jeremy Ardley wrote: For a start: https://www.digitalocean.com/community/tutorials/how-to-create-let-s-encrypt-wildcard-certificates-with-certbot This may be more helpful https://medium.com/@saurabh6790/generate-wildcard-ssl-certificate-using-lets-encrypt-certbot-273e4

Re: how to setup IMAPs with letsencrypt

On 24/4/22 9:14 am, ミユナ (alice) wrote: Richard Hector wrote: otherwise you'll have to use DNS challenge method to support multiple hostnames on the same certificate. do you know how to implement this? the original certificates were issued for domain: sample.com. But this certs can be used

Re: how to setup IMAPs with letsencrypt

Richard Hector wrote: otherwise you'll have to use DNS challenge method to support multiple hostnames on the same certificate. do you know how to implement this? the original certificates were issued for domain: sample.com. But this certs can be used for any.sample.com too? Thanks

Re: how to setup IMAPs with letsencrypt

On 22/04/22 11:57, Joseph Tam wrote: Keep in mind the subject name (CN or SAN AltNames) of your certificate must match your IMAP server name e.g. if your certificate is made for "www.mydomain.com", you'll have to configure your IMAP clients to also use "www.mydomain.com" as the IMAP server name.

Re: how to setup IMAPs with letsencrypt

On 4/22/22 02:20, Jean-Daniel Dupas wrote: While it's true for SMTP, my experience is that IMAP clients prefer imaps in 993 instead of STARTTLS. I have a server with only port 993 opened, and almost never had any issue with client configuration. I have noticed the opposite.  Every time I hav

Re: how to setup IMAPs with letsencrypt

> Le 22 avr. 2022 à 01:50, Jeremy Ardley a écrit : > > > > On 22/4/22 7:44 am, al...@coakmail.com wrote: >>> On 22/4/22 7:25 am, al...@coakmail.com wrote: >>> >> Thanks. I will give a try. >> after enabling SSL, can I disable port 143 e

Re: how to setup IMAPs with letsencrypt

akmail.com wrote: hello I have setup website using letsencrypt for certification. how can I setup IMAP to use this certs as well? Thank you. Make entries in /etc/dovecot/conf.d/10-ssl.conf ssl = required ssl_cert = You can override the global ssl certificates for specific domains in /e

Re: how to setup IMAPs with letsencrypt

On 22/4/22 8:24 am, Jeremy Ardley wrote: local mail.example.com {   protocol imap { ssl_cert = My error. The correct example domain override stanza is #specific domain override local special.example.com {   protocol imap { ssl_cert = OpenPGP_signature Description: OpenPGP digit

Re: how to setup IMAPs with letsencrypt

uired ssl_min_protocol = TLSv1.2 ssl_cipher_list = EECDH+AESGCM:EDH+AESGCM ssl_prefer_server_ciphers = yes ssl_cert = It is possible to generate a wildcard letsencrypt certificate *.example.com but the process is tricky and has unexpected side-effects such as typo.example.com resolves to example.com i

Re: how to setup IMAPs with letsencrypt

On 2022-04-22 01:50, Jeremy Ardley wrote: On 22/4/22 7:44 am, al...@coakmail.com wrote: On 22/4/22 7:25 am, al...@coakmail.com wrote: Thanks. I will give a try. after enabling SSL, can I disable port 143 entirely? Probably a bad idea. Many clients use STARTTTLS on port 143 rather than TLS o

Re: how to setup IMAPs with letsencrypt

I have setup website using letsencrypt for certification. how can I setup IMAP to use this certs as well? Make entries in /etc/dovecot/conf.d/10-ssl.conf ssl = required ssl_cert = Keep in mind the subject name (CN or SAN AltNames) of your certificate must match your IMAP server name e.g

Re: how to setup IMAPs with letsencrypt

On 22/4/22 7:44 am, al...@coakmail.com wrote: On 22/4/22 7:25 am, al...@coakmail.com wrote: Thanks. I will give a try. after enabling SSL, can I disable port 143 entirely? Probably a bad idea. Many clients use STARTTTLS on port 143 rather than TLS on port 993 -- Jeremy OpenPGP_signature

Re: how to setup IMAPs with letsencrypt

On 2022-04-22 01:44, al...@coakmail.com wrote: Thanks. I will give a try. after enabling SSL, can I disable port 143 entirely? yes

Re: how to setup IMAPs with letsencrypt

> > On 22/4/22 7:25 am, al...@coakmail.com wrote: >> hello >> >> I have setup website using letsencrypt for certification. >> how can I setup IMAP to use this certs as well? >> >> Thank you. >> > Make entries in /etc/dovecot/conf.d/10-ssl.conf &

Re: how to setup IMAPs with letsencrypt

On 22/4/22 7:25 am, al...@coakmail.com wrote: hello I have setup website using letsencrypt for certification. how can I setup IMAP to use this certs as well? Thank you. Make entries in /etc/dovecot/conf.d/10-ssl.conf ssl = required ssl_cert = You can override the global ssl certificates

how to setup IMAPs with letsencrypt

hello I have setup website using letsencrypt for certification. how can I setup IMAP to use this certs as well? Thank you.

Re: Letsencrypt/OpenSSL test - Verify return code: 21

till the way it's setup on the other older machine and still works fine. Changes- |ssl_ca = 'fullchain.pem' should work) *ssl_cert = previously) ssl_key = /etc/letsencrypt/live/README: `[cert name]/privkey.pem`  : the private key for your certificate. `[cert name]/fullchain.p

Re: Letsencrypt/OpenSSL test - Verify return code: 21

On 11/04/2021 01:04, @lbutlr wrote: > On 10 Apr 2021, at 12:57, Juri Haberland wrote: >> On 10/04/2021 19:52, @lbutlr wrote: >>> On 10 Apr 2021, at 09:55, B Shea wrote: OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 >>> >>> There have been a few critical patches to open SSL in

Re: Letsencrypt/OpenSSL test - Verify return code: 21

On 10 Apr 2021, at 12:57, Juri Haberland wrote: > On 10/04/2021 19:52, @lbutlr wrote: >> On 10 Apr 2021, at 09:55, B Shea wrote: >>> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 >> >> There have been a few critical patches to open SSL in the last year, >> including a very importa

Re: Letsencrypt/OpenSSL test - Verify return code: 21

On 10/04/2021 19:52, @lbutlr wrote: > On 10 Apr 2021, at 09:55, B Shea wrote: >> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 > > There have been a few critical patches to open SSL in the last year, > including a very important one to 1.1.1k just recently. > > Not to do with your

Re: Letsencrypt/OpenSSL test - Verify return code: 21

On 10 Apr 2021, at 09:55, B Shea wrote: > OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 There have been a few critical patches to open SSL in the last year, including a very important one to 1.1.1k just recently. Not to do with your issue, but I suspect updating both openssl and D

Re: Letsencrypt/OpenSSL test - Verify return code: 21

> On 10/04/2021 19:09 Brady Shea wrote: > > > OS: Ubuntu 20.04.2 (on mutli-core VM) > Dovecot (Ubuntu default/repo version): 2.3.7.2 (3c910f64b) > OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 > > Reproducing- > > Run: "openssl s_client -showcerts -connect imap.example.com:

Letsencrypt/OpenSSL test - Verify return code: 21

OS: Ubuntu 20.04.2 (on mutli-core VM) Dovecot (Ubuntu default/repo version):  2.3.7.2 (3c910f64b) OpenSSL (Ubuntu default/repo version):  1.1.1f  31 Mar 2020 Reproducing- Run:  "openssl s_client -showcerts -connect imap.example.com:993 -servername imap.example.com" (using a diff domain obviousl

Letsencrypt/OpenSSL test - Verify return code: 21

OS: Ubuntu 20.04.2 (on mutli-core VM) Dovecot (Ubuntu default/repo version):  2.3.7.2 (3c910f64b) OpenSSL (Ubuntu default/repo version):  1.1.1f  31 Mar 2020 Reproducing- Run:  "openssl s_client -showcerts -connect imap.example.com:993 -servername imap.example.com" (using a diff domain obviousl

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

So it seems. Guess our certbot does not support post hook directories, since it's not executing the hooks there. Aki On 12.09.2018 08:56, B. Reino wrote: > > FYI, it happened again :) > > On July 15, 2018 10:49:08 AM GMT+02:00, "B. Reino" wrote: >> Dear Aki, >> >> I think the renewal failed aga

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

FYI, it happened again :) On July 15, 2018 10:49:08 AM GMT+02:00, "B. Reino" wrote: >Dear Aki, > >I think the renewal failed again. The SSL certificate expired Saturday, > >14 July 2018. > >This affects (at least) the repo.dovecot.org website and debian >repository. > >Thanks, >Bernardo. > >O

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

gt; Date: 15/07/2018 11:49 (GMT+02:00) > To: Aki Tuomi > Cc: Dovecot Mailing List > Subject: Re: Letsencrypt certificate for repo.dovecot.org expired May 14th.. > > Dear Aki, > > I think the renewal failed again. The SSL certificate expired Saturday, > 14 July 2018. &

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

certbot clearly hates me ---Aki TuomiDovecot oy Original message From: "B. Reino" Date: 15/07/2018 11:49 (GMT+02:00) To: Aki Tuomi Cc: Dovecot Mailing List Subject: Re: Letsencrypt certificate for repo.dovecot.org expired May 14th.. Dear Aki, I think the rene

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

Dear Aki, I think the renewal failed again. The SSL certificate expired Saturday, 14 July 2018. This affects (at least) the repo.dovecot.org website and debian repository. Thanks, Bernardo. On 2018-05-15 08:15, Aki Tuomi wrote: On 15.05.2018 09:14, B. Reino wrote: Dear all, Just in case

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

On Tue, 15 May 2018, Aki Tuomi wrote: On 15.05.2018 09:14, B. Reino wrote: Dear all, Just in case you've missed it, the certificate for repo.dovecot.org just expired yesterday. This causes errors in e.g. apt-get update. Thanks in advance for fixing it, -- B. Reino Seems something went wro

Re: Letsencrypt certificate for repo.dovecot.org expired May 14th..

On 15.05.2018 09:14, B. Reino wrote: > Dear all, > > Just in case you've missed it, the certificate for repo.dovecot.org > just expired yesterday. > > This causes errors in e.g. apt-get update. > > Thanks in advance for fixing it, > > -- > B. Reino Seems something went wrong during deployment,

Letsencrypt certificate for repo.dovecot.org expired May 14th..

Dear all, Just in case you've missed it, the certificate for repo.dovecot.org just expired yesterday. This causes errors in e.g. apt-get update. Thanks in advance for fixing it, -- B. Reino

Re: Dovecot and Letsencrypt certs

On Wed, 13 Sep 2017, Luigi Rosa wrote: > Robert Wolf wrote on 13/09/2017 10:26: > > > are you sure? What is the refresh time? Instantly or with some delay? Have > > you > > tested what happens if I install new key, but I delay installing correct > > certificate? Does postfix keep the old key+cert

Re: Dovecot and Letsencrypt certs

Robert Wolf wrote on 13/09/2017 10:26: are you sure? What is the refresh time? Instantly or with some delay? Have you tested what happens if I install new key, but I delay installing correct certificate? Does postfix keep the old key+cert or stop using any cert because the new key is not correct

Re: Dovecot and Letsencrypt certs

On Tue, 12 Sep 2017, Daniel Miller wrote: > And remove that "postfix reload" command - Postfix doesn't require explicit > reloading. It'll pickup the changed cert automagically. > > Daniel Hoi Daniel, are you sure? What is the refresh time? Instantly or with some delay? Have you tested what h

Re: Dovecot and Letsencrypt certs

On 13/09/2017 05:31, Joseph Tam wrote: On Tue, 12 Sep 2017, dovecot-request wrote: What's wrong with using a certbot "post-hook" script such as: #!/bin/bash echo "Letsencrypt renewal hook running..." echo "RENEWED_DOMAINS=$RENEWED_DOMAINS" echo "RE

Re: Dovecot and Letsencrypt certs

On Tue, 12 Sep 2017, dovecot-requ...@dovecot.org wrote: What's wrong with using a certbot "post-hook" script such as: #!/bin/bash echo "Letsencrypt renewal hook running..." echo "RENEWED_DOMAINS=$RENEWED_DOMAINS" echo "RENEWED_LINEAGE=$RENEWED_LINE

Re: Dovecot and Letsencrypt certs

And remove that "postfix reload" command - Postfix doesn't require explicit reloading. It'll pickup the changed cert automagically. Daniel On 9/12/2017 9:26 AM, Daniel Miller wrote: What's wrong with using a certbot "post-hook" script such as: #!/bin/

Re: Dovecot and Letsencrypt certs

What's wrong with using a certbot "post-hook" script such as: #!/bin/bash echo "Letsencrypt renewal hook running..." echo "RENEWED_DOMAINS=$RENEWED_DOMAINS" echo "RENEWED_LINEAGE=$RENEWED_LINEAGE" if grep --quiet "your.email.domain" &

Re: Dovecot and Letsencrypt certs

writes: "writing a script to check the certs" - there is no need to write any scripts. As one mentioned, it's done by a hook to certbot. Please read the manuals for LE or certbot. The issue you have is quite common and of course certbot designed to do it for you. Won't work, of course, if you

Re: Dovecot and Letsencrypt certs

On Friday 08 of September 2017, Ralph Seichter wrote: > On 08.09.2017 16:20, LuKreme wrote: > > However, it seems like checking the certs is something that dovecot > > should be doing on its own. > > What is Dovecot supposed to do? Keep track of the certificate expiry > date? That was already d

Re: Dovecot and Letsencrypt certs

Oh, also I removed the '2>1> /dev/null' from the acme.sh crontab entry so that it will always send an email; and entered this in sieve: # --- let's encrypt --- if header :contains "subject" "acme.sh" {   if body :regex "Error[[:space:]]+renew" { #    redirect :copy "b...@example.com";    

Re: Dovecot and Letsencrypt certs

If you're using acme.sh: acme.sh --installcert -d imap.example.com \   --keypath /etc/pki/dovecot/private/imap.example.com.pem \   --certpath /etc/pki/dovecot/certs/imap.example.com.crt \   --fullchainpath /etc/pki/dovecot/certs/imap.example.com.full.chain.crt \   --reloadcmd    "systemctl

Re: Dovecot and Letsencrypt certs

"writing a script to check the certs" - there is no need to write any scripts. As one mentioned, it's done by a hook to certbot. Please read the manuals for LE or certbot. The issue you have is quite common and of course certbot designed to do it for you. The manual: https://certbot.eff.org/docs/us

Re: Dovecot and Letsencrypt certs

On 08 Sep 2017, at 12:21, Ralph Seichter wrote: > On 08.09.2017 19:51, @lbutlr wrote: >> How I would do it is IF the certificate is expired, the dovecot should >> check if there is a new cert and if so, load it. > New cert as in file modification date or checksum changed? Either one, but checksu

Re: Dovecot and Letsencrypt certs

On 08.09.2017 19:51, @lbutlr wrote: > How I would do it is IF the certificate is expired, the dovecot should > check if there is a new cert and if so, load it. New cert as in file modification date or checksum changed? Might work. Still, from what I seem to remember, Dovecot loads certificate dat

Re: Dovecot and Letsencrypt certs

On 08 Sep 2017, at 10:08, Ralph Seichter wrote: > What is Dovecot supposed to do? Keep track of the certificate expiry > date? And if that is passed, then what? Automatically shutdown/restart? > What if the certificate has not been updated in between? I think that > handling certificates is better

Re: Dovecot and Letsencrypt certs

On 08 Sep 2017, at 09:28, Вадим Бажов wrote: > "I think it’s probably easier to just kick dovecot once a month." - > that's not good from system administration's point of view. You can > get into trouble when certificate is renewed but dovecot isn't > reloaded yet. That's simply not possible. The

Re: Dovecot and Letsencrypt certs

On 08.09.2017 16:20, LuKreme wrote: > That is a great solution, but I think it’s probably easier to just > kick dovecot once a month. Certbot hooks are very easy to write, and are only executed when the certificate is updated. In that light, I can see no advantage in "kick dovecot once a month".

Re: Dovecot and Letsencrypt certs

"I think it’s probably easier to just kick dovecot once a month." - that's not good from system administration's point of view. You can get into trouble when certificate is renewed but dovecot isn't reloaded yet. And, doing something via cron just by-guess, once a month - is a no no logic. "it seem

Re: Dovecot and Letsencrypt certs

On Sep 8, 2017, at 07:56, Darac Marjal wrote: > #!/bin/bash > >set -e >set -u >set -o pipefail > >if [[ ${1} == "deploy_cert" && ${2} == "mail.darac.org.uk" ]]; then >echo " + Hook: Restarting Dovecot..." >/usr/sbin/service dovecot restart >fi > >

Re: Dovecot and Letsencrypt certs

On Fri, Sep 08, 2017 at 06:47:25AM -0600, @lbutlr wrote: So this morning at 4am I was awoken to my mail clients getting certificate errors for an expired certificate. I hopped on to the server and checked and… no, the LE certs renewed last month and are valid until November. After some moment

Re: Dovecot and Letsencrypt certs

On 08-09-2017 09:47, @lbutlr wrote: > Should dovecot check for certs being refreshed? Or is this an artifact of my > using symbolic links everywhere to point to the newest LE certs (which are > themselves links the dehydrate script creates to point to the newest > cert-1502534746.csr etc files?

Re: Dovecot and Letsencrypt certs

Dovecot seems to load certificates into memory and don't refresh them until restart, or may be reload. And this is a correct logic. You better add restart/reload task to the LE cron job after the successful renewal of LE certificate. Check that it really works as it should. Dovecot shouldn't be res

Dovecot and Letsencrypt certs

So this morning at 4am I was awoken to my mail clients getting certificate errors for an expired certificate. I hopped on to the server and checked and… no, the LE certs renewed last month and are valid until November. After some moments of confusion I noticed that dovecot had been running sinc

Re: letsencrypt

On 04/03/17 04:07, David Mehler wrote: With the web it was easy just let apache serve the token that letsencrypt needed and I got certificates. How do I do this with regards email? I know there have been some answers to this already but FWIW I use dehydrated directly from Github and this

Re: letsencrypt

Thanks. Is there another way of doing this? I've got a web server running on 80 and 443. Are there any other options? I'm getting this list in digest mode, so it's possible by the time this gets to you, I will have repeated someone else' suggestion. In this situation, where your dovecot serve

Re: letsencrypt

You can either drop the authentication token into /.wellknown on your running server, or take down the server for a minute to run certbot every couple months. I'm not a fan of symlinks out of config directories and certainly not across chroot / jail boundaries so I manually copy the certs into th

Re: letsencrypt

David Mehler writes: I'm wanting letsencrypt to take over as my CA, replacing existing self signed certificates. I've got web working, a certificate for https sites and one for webmail as they have different names. What I'm now wanting to do is get letsencrypt going for my e

Re: letsencrypt

using letsencrypt for their CA. If this is to off topic write me privately. I'm wanting letsencrypt to take over as my CA, replacing existing self signed certificates. I've got web working, a certificate for https sites and one for webmail as they have different names. What I'm now

Re: letsencrypt

Yes: I'm using the acme.sh client, and I can do: > acme.sh --issue --standalone -d example.com --httpport 88 It does what you'd expect: it runs using a small webserver on port 88 I only just discovered that option myself :-) MJ On 03/03/2017 08:22 PM, David Mehler wrote: Hello, Thanks. Is

Re: letsencrypt

Hello, Thanks. Is there another way of doing this? I've got a web server running on 80 and 443. Are there any other options? Thanks. Dave. On 3/3/17, Michael Neurohr wrote: > On 2017-03-03 19:07, David Mehler wrote: >> Hello, >> >> I know some users here are using le

Re: letsencrypt

On 2017-03-03 19:07, David Mehler wrote: > Hello, > > I know some users here are using letsencrypt for their CA. If this is > to off topic write me privately. > > I'm wanting letsencrypt to take over as my CA, replacing existing self > signed certificates. I've got

Re: letsencrypt

auth, and use nsupdate to let it get the token. On 3/3/17, 12:07 PM, "dovecot on behalf of David Mehler" wrote: Hello, I know some users here are using letsencrypt for their CA. If this is to off topic write me privately. I'm wanting letsencrypt to take

Re: letsencrypt

; > wrote: > > Hello, > > I know some users here are using letsencrypt for their CA. If this is > to off topic write me privately. > > I'm wanting letsencrypt to take over as my CA, replacing existing self > signed certificates. I've got web wo

Re: letsencrypt

I have DNS setup as my auth, and use nsupdate to let it get the token. On 3/3/17, 12:07 PM, "dovecot on behalf of David Mehler" wrote: Hello, I know some users here are using letsencrypt for their CA. If this is to off topic write me privately. I

letsencrypt

Hello, I know some users here are using letsencrypt for their CA. If this is to off topic write me privately. I'm wanting letsencrypt to take over as my CA, replacing existing self signed certificates. I've got web working, a certificate for https sites and one for webmail as they have

Re: a question about certificates from letsencrypt

Hi Andreas, On 19/08/2016 10:11 PM, Andreas Meyer wrote: > Hello! > > Certificates from letsencrypt are renewed every three months. > > Does that mean a MUA has to accept the renewed certificates manually > everytime it is renewed? No, if the certificate is not a self-sign

Re: a question about certificates from letsencrypt

On 08/19/2016 04:30 PM, Sven Strickroth wrote: Am 19.08.2016 um 14:40 schrieb Adrian Minta: The cert doesn't work with old clients. What do you understand under old? Ok, Windows XP clients might be problematic regarding SNI and used ciphers, but starting with Vista all clients which use the W

Re: a question about certificates from letsencrypt

Hi, On 08/19/2016 03:11 PM, Andreas Meyer wrote: > Certificates from letsencrypt are renewed every three months. I'm using a Let's Encrypt certificate w/o problems for > 6 months now (three times renewed) for web, SMTP and IMAP. As I'm also using DANE I wrote my own script

Re: a question about certificates from letsencrypt

On 19.08.2016 14:12, Aki Tuomi wrote: > Depends how your MUA validates the certificate. > > If it just checks CA, then no. Also I don't think the private key > changes, so it should not cause recheck either. Other checks, maybe. Last time I checked, the LetsEncrypt client gene

Re: a question about certificates from letsencrypt

The cert doesn't work with old clients. On 08/19/2016 03:11 PM, Andreas Meyer wrote: Hello! Certificates from letsencrypt are renewed every three months. Does that mean a MUA has to accept the renewed certificates manually everytime it is renewed? Sorry if this is OT! Greetings An

Re: a question about certificates from letsencrypt

On 19.08.2016 15:11, Andreas Meyer wrote: > Hello! > > Certificates from letsencrypt are renewed every three months. > > Does that mean a MUA has to accept the renewed certificates manually > everytime it is renewed? > > Sorry if this is OT! > > Greetings >

a question about certificates from letsencrypt

Hello! Certificates from letsencrypt are renewed every three months. Does that mean a MUA has to accept the renewed certificates manually everytime it is renewed? Sorry if this is OT! Greetings Andreas