exim_sni not renewing Let's Encrypt for mail.domain.com

urbee

We have an issue with autorenewing SSL certificates for exim_sni for (I believe) all domains.

I have followed setting this:

https://directadmin.com/features.php?id=2019

The domain and subdomain (domain.com and mail.domain.com) are visible in /etc/virtual/snidomains.

Problem is, the cert in /usr/local/directadmin/data/users/username/domains/domain.com.cert.combined is NOT updated automatically after Let's Encrypt renews.
If I go to user level and "Save" it again, then the system rewrites this upper file. On Let's Encrypt autorenew it's not.

What could be the issue?
 
So you're sure you don't have the "exim_sni" setting anymore in directadmin.conf? If yes, change it.

If not, when the certificate is not updated there should be a notice with an error in the domains system messages section. What does it say?
 
There is only enable_ssl_sni=1 and mail_sni=1 in directadmin.conf.

Funny thing is the LE ssl does update and renew, it just doesn't renew in the file I mentioned that keeps the mailserver cert renewed.
No messages there.
 
Restart exim/dovecot and check again. If certs were renewed, but you see warnings in SMTP/POP/IMAP, you need to restart the services to let them load updated certs.
 
Without knowing specifics, it's tricky to debug, but I have seen issues where the hostname matches a User domain, which causes headaches, as if it's the hostname, the script won't look at the User LetsEncrypt settings.
Beyond that, aside from guessing, I'd recommend creating a ticket, and include all names, hostname values, etc., so it's easier to track down the cause.

You could always manually test the renewal checks for a given domain to see what the dataskq is up to, e.g.:
Code:
echo "action=rewrite&value=mail_sni&domain=domain.com" >> /usr/local/directadmin/data/task.queue
John
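
A check for the symptom described in this thread, added here as an example and not taken from DirectAdmin or from any poster: it compares the leaf certificate in domain.com.cert.combined with the one in the renewed certificate file. It assumes the renewed certificate is written to domain.com.cert in the same directory and that the leaf comes first in the combined file; the script name and function names are hypothetical.

```python
import hashlib
import re
import ssl
import sys
from pathlib import Path

# Matches one PEM certificate block. Assumption: the leaf certificate comes
# first in .cert.combined and the CA chain follows it.
CERT_BLOCK = re.compile(
    r"-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----", re.DOTALL
)


def leaf_fingerprint(pem_text):
    """SHA-256 of the first certificate in pem_text, or None if there is none."""
    match = CERT_BLOCK.search(pem_text)
    if match is None:
        return None
    try:
        der = ssl.PEM_cert_to_DER_cert(match.group(0))
    except ValueError:  # damaged base64 inside the PEM block
        return None
    return hashlib.sha256(der).hexdigest()


def combined_status(cert_path, combined_path):
    """Return 'current', 'stale' or 'unreadable' for the combined file."""
    try:
        renewed = leaf_fingerprint(Path(cert_path).read_text())
        served = leaf_fingerprint(Path(combined_path).read_text())
    except (OSError, UnicodeDecodeError):
        return "unreadable"
    if renewed is None or served is None:
        return "unreadable"
    # 'stale' means the renewal happened but the combined file was not rewritten.
    return "current" if renewed == served else "stale"


if __name__ == "__main__":
    # Usage (hypothetical script name): check_sni_cert.py username domain.com
    user, domain = sys.argv[1:3]
    base = Path("/usr/local/directadmin/data/users") / user / "domains"
    # Assumption: the renewed certificate lives in <domain>.cert beside the combined file.
    status = combined_status(base / f"{domain}.cert", base / f"{domain}.cert.combined")
    print(f"{domain}: {status}")
    sys.exit(0 if status == "current" else 1)
```

A "stale" result after a renewal matches the behaviour reported above; a "current" result with clients still seeing the old certificate points to the services not having reloaded it.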
