Ok, steps were:
- updated to webmin 1.954 & virtualmin 6.11
updates applied:
certbot
clamav
fail2ban
python
usermin
virtualmin-config
wbm-*
webmin
Dovecote server working
- renewed LE cert for mysystemdomain.com
requested certificate for:
mysystemdomain.com
mail.mysystemdomain.com
www.mysystemdomain.com
server1.mysystemdomain.com
Dovecote server stopped could not restart
dovecote.conf - after updating webmin & virtualmin but before LE cert request:
# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
local_name mail.mysystemdomain.com {
ssl_cert = </home/mysystemdomain/ssl.cert
ssl_key = </home/mysystemdomain/ssl.key
}
local_name mysystemdomain.com {
ssl_cert = </home/mysystemdomain/ssl.cert
ssl_key = </home/mysystemdomain/ssl.key
ssl_ca = </home/mysystemdomain/ssl.ca
}
local_name www.mysystemdomain.com {
ssl_cert = </home/mysystemdomain/ssl.cert
ssl_key = </home/mysystemdomain/ssl.key
ssl_ca = </home/mysystemdomain/ssl.ca
}
local_name anotherdomain.com {
ssl_cert = </home/anotherdomain/ssl.cert
ssl_key = </home/anotherdomain/ssl.key
}
...4500 more lines with domains/alias'/sub domains
dovecote.conf - after updating webmin & virtualmin and after subsequent LE cert request:
# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
local_name mail.mysystemdomain.com {
ssl_cert = </home/mysystemdomain/ssl.combined
ssl_key = </home/mysystemdomain/ssl.key
}
local_name mysystemdomain.com {
ssl_cert = </home/mysystemdomain/ssl.combined
ssl_key = </home/mysystemdomain/ssl.key
}
local_name www.mysystemdomain.com {
ssl_cert = </home/mysystemdomain/ssl.cert
ssl_cert = </home/mysystemdomain/ssl.combined
ssl_key = </home/mysystemdomain/ssl.key
local_name anotherdomain.com {
ssl_cert = </home/anotherdomain/ssl.cert
ssl_key = </home/anotherdomain/ssl.key
}
...4500 more lines with domains/alias'/sub domains
As I said before adding the missing bracket and dovecote restarted.
Now I’ve posted this I do remember @Joe mentioning something somewhere about extraneous ssl_ca lines in the conf file perhaps those were causing the problem,