After letsencrypt renewal, certs still get not used for default servers like dovecot, etc

OS type and version Centos 7.9.2009
Webmin version 2.013
Virtualmin version 7.5
Related packages SUGGESTED

Still, after all these years, after my main virtual server updates its lets encrypt certs automatically, they dont get used for the default services. Certs expire and all users can not fetch/send emails anymore, I have to login and press the button “Use as default certificates”. Why is this still not automated?



It normally is automated. Something is wrong with the associations on your system. I’m not sure what would have caused that, though.

I know I’ve seen similar problems discussed in the past, but I think it was usually because the certs were being managed outside of Virtualmin using certbot directly (which is not expected to work…since Virtualmin doesn’t know about those certs). Doesn’t sound like that’s what’s happening here, though.

I’m not sure how you’d correctly get it to associate though. Maybe switching to another domain temporarily and then switching back might do it?

Hi Joe,
what do you mean by “associated”? I mean, the lets encrypt renewals work perfectly fine. There should only be the certs used for the default services which I always after renewal have to push the button. After that, the Button is gone. What do you mean by switching to another domain?

Works fine on my system, so it is automated still. Unless your users aren’t using mail.xx or whatever that has a ssl on it then it should work. I just checked there is a “Use as default certificates” there but its only for “Use this SSL certificate as the default in ProFTPD”. Last successful renewal 02/12/2023.

If you have a 2 or more domains, only one domain can have the default certs on the mail system. I’m pretty sure you would notice that straight away if you click it on the other domain.

I had this some time ago … turned out to be a bad entry in dovecot.conf, for some reason’s path to the ssl file was incorrect changing that to the correct path fixed that. not saying this is the issue but worth a look

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.