1 (edited by mrimichael 2022-03-30 03:31:37)

Topic: failure after certificate renewal

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  1.4.0
- Deployed with iRedMail Easy or the downloadable installer?  downloadable installer
- Linux/BSD distribution name and version:  Ubuntu 18.04.4 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  PGSQL
- Web server (Apache or Nginx):  Nginx
- Manage mail accounts with iRedAdmin-Pro?  Yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I got a notification email which explained that my certificate was going to expire soon so I did some shopping around. The original cert was through digicert but I found a better price with Sectigo so I went with them. Since I have multiple servers which need certificates I with with a domain validation certificate. I went through the steps with my ISP to generate the CSR and submitted it to Sectigo and got my cert within a few minutes.

When I copied the certificate to the server and did the appropriate renaming I saw that the file sizes were different than they were on the old certificate. For instance, The iRedMail.key was 1708 butes and the new one is 2204 butes. The old iRedMail.crt file is 4124 bytes and the new one is 5652. I must have done something wrong, but I thought I followed the directions properly.

Can one use a DV SSL with iRedMail? If so, what changes must I make to the CSR procedure so that it works?

I should add that before I decided to go with a DV SSL, I followed the instructions on generating the CSR for the single server.

Thanks

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team.

2

Re: failure after certificate renewal

it is just a normal cert, nothing special, but without logs noone can help you