Replies: 2 comments
-
I almost didn't understand how it's related to PostfixAdmin ... but then realised you're referring to Dovecot being unable to read the ssl file. Personally, I'd add a hook script into LetsEncrypt to copy the produced certificate to something like /etc/dovecot/ssl/ at which point in time you can also change the file's ownership/permissions so Dovecot is happy. Alternatively, just have a daily cron job which copies the current letsencrypt cert to /etc/dovecot/ssl, and so on (if you can't figure out how to do everything with a hook script). Bonus points for restarting dovecot only when the certificate changes etc..... This might help .... AHASH_1=$(md5sum /etc/letsencrypt/something/something/whatever.crt)
AHASH_2=$(md5sum /etc/dovecot/ssl/whatever.crt)
if [ "$AHASH_1" != "$BHASH_1" ] || [ "$AHASH_2" != "$BHASH_2" ]; then
service dovecot restart
fi David. |
Beta Was this translation helpful? Give feedback.
-
Hello and thanks for your reply I just saw the previous discussion on this topic When I change password hash method everything works fine without need to change access permissions
But I have to manually add {SHA512-CRYPT} before each password in the database. |
Beta Was this translation helpful? Give feedback.
-
Hello, I have a problem with the permission to private keys file.
The problem is that a warning is given during installation
"Hosting Environment errors found. Login to see details"
and a password error
"Your email address or password is not correct."
is displayed on the login page.
By checking the logs, the following error is displayed:
10-ssl.conf line 12: ssl_cert: Can't open file /etc/letsencrypt/live/mydomain.com/fullchain.pem: Permission denied
Some websites have recommended to give read access to www:data user to fix this error by running the following command
setfacl -R -m u:www-data:rx /etc/letsencrypt/live/ /etc/letsencrypt/archive/
And when I do this, the error is fixed.
But this access may create a security problem
I discussed this in the lets encrypt community and I got this answer.
thank you for suggesting a solution.
Beta Was this translation helpful? Give feedback.
All reactions