On a GPL server I have created a server matching the hostname of the server (obviously FQDN name). I then issued a LetsEncrypt SSL for the Apache side of things and of course all is working well. I then configured Dovecot and Postfix to use that ssl certificate (by putting the path into Dovecot & Postfix config).
This is from Dovecot: ssl_cert = </home/myserver.mydomain.com/ssl.cert ssl_key = </home/myserver.mydomain.com/ssl.key ssl_ca = /home/myserver.mydomain.com/ssl.ca
Dovecot and Postfix work well of course with the certificate. THE PROBLEM however is that when the system automatically (every 2 months) renews the Apache SSL, dovecot and postfix are not reloaded (or restarted). The result is that clients (IMAP for example) are getting connection errors because Dovecot and Postfix are actually using the expired domain and not the renewed one.
What am I doing wrong here? How can this be fixed?
Just restart those services after each renewal.
I am doing it but another way, i'm using on the SSL cert page the 2 or 3 buttons saying "copy to Postfix", "copy to Dovecot", ... and I do not have that problem... Maybe something get's written somewhere that restart those services when renewing ?
This sounds like the solution if you have never had to restart the mail services Thank you