1

Topic: Mismatch in SSL Certificates for nginx and MS outlook as client

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  0.9.9
- Deployed with iRedMail Easy or the downloadable installer? Yes
- Linux/BSD distribution name and version: Ubuntu 18.0.4 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
I have SSL certificates installed on my server for a few domain. These certificates are regularly updated. Nginx takes the recent updated SSL Certificate issued by LetsEncrypt (on 21st Sept 2019) and runs OK but on the other hand Outlook and iPhones as email clients, look at the previous certificate - issued on 12th July2019 - now expired and keep on prompting the risk of expired security..
Let'sencrypt cannot renew the old Certificate because there is already an updated Certificate available. Whereas MS Outlook and iPhones are looking at this expired certificate and keep on warning on untrusted security because of expired Certificates. Any clue on how to fix this matter for once and for all.
Thanks in advance for your feedback
Cheers

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Mismatch in SSL Certificates for nginx and MS outlook as client

I suggest you review the certificate loaded on your postfix and dovecot.

Also restart the packages after applying the new certificate.

3

Re: Mismatch in SSL Certificates for nginx and MS outlook as client

I suggest you run a cron job to renew the letsencrypt cert, and restart postfix/dovecot/nginx services as post-hook. FYI:
https://docs.iredmail.org/letsencrypt.h … omatically