I use something like this script to renew my SMTP and IMAP certificates
(/etc/cron.weekly/certbot-renew):
#!/bin/sh
hostcert=/etc/letsencrypt/live/mail.example.com
certlink="$(readlink "${hostcert}/cert.pem")"
test -x /usr/bin/certbot || exit 72
certbot certonly --quiet --standalone --keep-until-expiring \
-d mail.example.com \
-d imap.example.com \
--email postmaster@xxxxxxxxxxx \
--agree-tos --expand
# Exit if the cert hasn't been updated
test "${certlink}" = "$(readlink "${hostcert}/cert.pem")" && exit
cat ${hostcert}/fullchain.pem ${hostcert}/privkey.pem >
/usr/lib/courier/share/esmtpd.pem
cat ${hostcert}/fullchain.pem ${hostcert}/privkey.pem >
/usr/lib/courier/share/imapd.pem
systemctl restart courier
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
