I’m sorry but I’m really frustrated at this point. These LetsEncrypt problems are killing my business.
These are CentOS 7 systems running the latest version of Virtualmin Pro. On one system, I could not login to get email. System Status showed Dovecot not running. I had manually renewed and set LetsEncrypt to auto renew a few domains last night. I didn’t catch Dovecot being down until this morning.
On the other system, again, after renewing LetsEncyrpt certs, System Status showed Dovecot was not running but in fact it sort of was. Each time I hit start Dovecot, it gave errors that certain processes were already running. I kept rm’ing those processes at which point it listed more. I just gave up and rebooted the system.
Why is LetsEncrypt writing paths to certs in dovecot.conf for every ssl domain? I run under a purchased EV cert which is recognized by all email client software. There is no reason for these to go into Dovecot that I can think of. Can I make it not do that?
Either way, something is wrong with LetsEncrypt on CentOS 7 systems running Virtualmin Pro. I have not had any issues with CentOS 6 systems running Cloudmin nor Virtualmin Pro.
Please help. These time bombs going off over and over are not acceptable.
There are few bugs currently in relation to Dovecot and how SSL certificates are handled. We are aware and working on fixing it for upcoming, new Virtualmin release.
I haven’t been able to reproduce this problem in my testing (and my servers that have the config discussed do not exhibit the problem), so I don’t know if that suggestion will help, but it’s all I’ve got. We’re definitely generating wrong config, but it seems to be harmless wrong config on my servers, but maybe in some cases it is not harmless. So, try it, and see what happens. Since it is cert related, this seems the most likely candidate.
As this is possibly the same problem that i am having with Debian 9 Webmin/Virtualmin and Dovecot, i would be interested in knowing if the O.P here is still able to recieve emails?
On my system, even though it says Dovecot has entered a failed state, it still delivers emails.
Go into a hotmail,gmail,yahoo mail account and send yourself an email and see if it comes through.
Also, with my system, I can have Virtualmin saying dovecot is running fine, and yet if i go into command shell and type
systemctl status dovecot
i get:
dovecot loaded
dovecot active is a failed state error.
Irrespective of the above, my system is still delivering emails via imap and pop3 (SSL and START TLS)
Last week I saw red warning in Virtualmin “server status tab” - dovecot is not running.
I immediately tested it with email client and everything was working fine. I manually restarted dovecot from console and status in virtualmin changed to OK.
2 days ago I updated system and after reboot everything was working fine, dovecot was up&running. Today 2 days after everything was fine dovecot was not running anymore. Service was not delivering emails. I started dovecot service manually from webmin and now mail delivery is working but:
edit:
I checked /var/log/syslog for that time and found out system also restarted NGINX server. I’m still trying to find if some letsEncrypt certificates were updated at that time I guess after certificate renewal services using this cert need to be restarted?
