1

Topic: iredmail, dovecot, letsencrypt

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.5
- Linux/BSD distribution name and version: Ubuntu 14.04.4 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? yes
- Related log if you're reporting an issue:
====

Hi!
I ve switched over to a certificate from letsencrypt. Everything is working perfectly accept dovecot.
When configuring the cert in dovecot.conf

ssl_cert = </etc/letsencncrypt/live/my.domain/fullchain.pem
ssl_key = </etc/letsencncrypt/live/mail/my.domain/privkey.pem


dovecot won't start again.

Any suggestions?

best regards
Günther

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: iredmail, dovecot, letsencrypt

Any logs available?

/var/log/dovecot.log

3

Re: iredmail, dovecot, letsencrypt

When I start dovecot with the lets encrypt certs nothing will be entered into the log file.

4

Re: iredmail, dovecot, letsencrypt

guenther wrote:

ssl_cert = </etc/letsencncrypt/live/my.domain/fullchain.pem

Use cert.pem instead.

5

Re: iredmail, dovecot, letsencrypt

Will not start... :-(

6

Re: iredmail, dovecot, letsencrypt

What's the error message in /var/log/dovecot.log while restarting Dovecot service?

7

Re: iredmail, dovecot, letsencrypt

Thats the problem.
there is no message. When changing the certs and then do a
service dovecot restart
no entries will be made in dovecot log.

very strange.....

8

Re: iredmail, dovecot, letsencrypt

OK, try this:

*) Stop dovecot service.
*) Start dovecot service manually on command line, so that we can see the (potential) error message:

dovecot -c /etc/dovecot/dovecot.conf

9

Re: iredmail, dovecot, letsencrypt

Hi ZhangHuangbin,

thank you very much. You showed me the right way :-))

I have found a typo in the path statement.

original: ssl_cert = </etc/letsencncrypt/live/my.domain/fullchain.pem

correct: ssl_cert = </etc/letsencrypt/live/my.domain/fullchain.pem

you see the difference ;-)

thank you very much.
And enjoy you coffee :-)

ssl_key = </etc/letsencncrypt/live/mail/my.domain/privkey.pem