This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
internet:security:ssl_cert_letsencrypt_zimbra [2022/08/31 09:09] gcooper |
internet:security:ssl_cert_letsencrypt_zimbra [2022/09/06 12:31] gcooper |
||
---|---|---|---|
Line 14: | Line 14: | ||
===== Troubleshooting ===== | ===== Troubleshooting ===== | ||
+ | |||
+ | Certbot logs to ''/ | ||
If you have trouble reissuing a new cert, or **if Zimbra won't start**, recreate and deploy a new self-signed cert to get Zimbra ' | If you have trouble reissuing a new cert, or **if Zimbra won't start**, recreate and deploy a new self-signed cert to get Zimbra ' | ||
Line 20: | Line 22: | ||
If a certificate renewal fails, try reissuing a new cert instead. | If a certificate renewal fails, try reissuing a new cert instead. | ||
+ | |||
+ | ===== Modifications ===== | ||
+ | |||
+ | <note tip> | ||
+ | |||
+ | <note tip>You **can** modify the script to support **additional SANs**...</ | ||
+ | |||
+ | <note tip> | ||
+ | |||
+ | < | ||
+ | #!/bin/bash | ||
+ | # | ||
+ | # Modification to suppress e-mailed cron job notifications every day | ||
+ | MAILTO="" | ||
+ | # | ||
+ | # Modification for SAN certificate with multiple hostnames | ||
+ | # This may/will need to be adjusted for hostnames and possibly cert name | ||
+ | # If you followed the howto above using just the actual hostname, it will look like this | ||
+ | / | ||
+ | # | ||
+ | # Modification to test if cert was changed then exit script | ||
+ | if grep "not yet due for renewal" | ||
+ | exit 0 | ||
+ | fi | ||
+ | # | ||
+ | cp "/ | ||
+ | chown zimbra: | ||
+ | wget -O / | ||
+ | rm -f "/ | ||
+ | cp "/ | ||
+ | cat / | ||
+ | chown zimbra: | ||
+ | cd /tmp | ||
+ | su zimbra -c '/ | ||
+ | rm -f "/ | ||
+ | </ |