Differences

This shows you the differences between two versions of the page.

--- internet:security:ssl_cert_letsencrypt_zimbra [2022/09/06 12:21]
gcooper
+++ internet:security:ssl_cert_letsencrypt_zimbra [2022/09/06 12:31]
gcooper
@@ Line 14: / Line 14: @@
 ===== Troubleshooting =====
+Certbot logs to ''/var/log/letsencrypt/letsencrypt.log''.
 If you have trouble reissuing a new cert, or **if Zimbra won't start**, recreate and deploy a new self-signed cert to get Zimbra 'working' again.  Then re-implement a LetsEncrypt cert.
@@ Line 23: / Line 25: @@
 ===== Modifications =====
-<note tip>Suppress daily cron e-mail message...</note>
+<note tip>**Suppress daily cron e-mail message**...</note>
-<note tip>Adjust script to only run if certificate is updated...</note>
+<note tip>You **can** modify the script to support **additional SANs**...</note>
+<note tip>Adjust script to **only run if certificate is updated**...</note>
 <file>
 #!/bin/bash
+#
 # Modification to suppress e-mailed cron job notifications every day
 MAILTO=""
 #
-/usr/local/sbin/certbot certonly --cert-name zimbra3.virtualarchitects.com -d zimbra3.virtualarchitects.com -d zimbra.virtualarchitects.com --standalone --manual-public-ip-logging-ok -n --preferred-chain  "ISRG Root X1" --agree-tos --register-unsafely-without-email
+# Modification for SAN certificate with multiple hostnames
+# This may/will need to be adjusted for hostnames and possibly cert name
+# If you followed the howto above using just the actual hostname, it will look like this
+/usr/local/sbin/certbot certonly --cert-name zimbra2.yourdomain.tld -d zimbra2.yourdomain.tld -d zimbra.yourdomain.tld --standalone --manual-public-ip-logging-ok -n --preferred-chain  "ISRG Root X1" --agree-tos --register-unsafely-without-email
 #
 # Modification to test if cert was changed then exit script

Virtual Architects Support Wiki

User Tools

Site Tools

Differences

Page Tools