or the new key and wait
(distribution, caching and margin )
3) edit smtpd_tls_cert_file to point to the new certificate and reload
4) check everything is ok
5) revoke old certificate and clean up old TLSA record
Still theory for me but what do you think ?
--
Marcel de Riedmatten
it with a --test-cert only but I expect it to work
with a real cert.
from the doc
--duplicate Allow making a certificate lineage that duplicates an
existing one (both can be renewed in parallel)
(default: False)
It is certbot 0.31 on ubuntu bionic.
--
Marcel de Riedmatten
vername support to postfix 3.1.
It looks like:
Go to
https://github.com/Snawoot/postfix-mta-sts-resolver/tree/master/postfix
_mta_sts_resolver
and click on sni: make default and add compatibility notice
on the line of defaults.py
--
Marcel de Riedmatten
In the past Viktor has been giving the tip to deactivate that. When i
set up my outgoing DANE i got some unexplain dns issue which have
disapeared after removing the minimisation. The minimisation was a
default setting.
--
Marcel de Riedmatten
