Browser roundcube unavailable since cert expired

My so-called cert has expired and now Chrome won’t let me access my mail.

Where is the doco on MIAB to get new certs or renew them?

This is so infrequent that I won’t ever remember these steps.

Any suggestions welcomed.

Receiving email that certs are about to expire does not really help.

Need MIAB instructions or doco on how to avoid this issue.

Crippled without email.

An expired cert should be something that you can work around.

In Chrome, in the html area, (where roundcube should be) click on “Advanced”, then click on “proceed to {yourdomain.tld} (unsafe)”

And away you go.

You should be able to get a new, letsencrypt certificate by going to

https://box.yourdomain.tld/admin/

and clicking on system, choosing the TLS (SSL) certificaticates menu option and then click on replace certificate.

If those options aren’t available, it’s likely you are running an older version of MIAB, and I recommend you upgrade to the latest version here:

https://mailinabox.email/maintenance.html#upgrade

Yes the work around works only on firefox. No workaround for my phone email app: K-9.

The Letsencrypt site has these instructions from Digitalocean

$ sudo certbot-auto --apache -d mydomain.xyz -d box.mydomain.xyz -d www.mydomain.xyz [sudo] password for : Upgrading certbot-auto 0.11.0 to 0.11.1... Replacing certbot-auto... Creating virtual environment... Installing Python packages... Installation succeeded. Saving debug log to /var/log/letsencrypt/letsencrypt.log Failed to find apache2ctl in PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin The apache plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError('Cannot find Apache control command apache2ctl',)

You should not be using certbot as a standalone command line argument. MIAB doesn’t use apache, stores its certificates in a different location, and uses a python library to get the certificates, not certbot. Don’t use certbot.

Let MIAB manage your letsencrypt certificates directly.

Should you desire to renew a certificate directly via MIAB, the command you want to run is:
/root/mailinabox/management/ssl_certificates.py

Even better, use the admin interface to request the certificates.

# /root/mailinabox/management/ssl_certificates.py Traceback (most recent call last): File "/root/mailinabox/management/ssl_certificates.py", line 793, in <module> provision_certificates_cmdline() File "/root/mailinabox/management/ssl_certificates.py", line 436, in provision_certificates_cmdline status = provision_certificates(env, agree_to_tos_url=agree_to_tos_url, logger=my_logger, force_domains=force_domains, show_extended_problems=show_extended_problems) File "/root/mailinabox/management/ssl_certificates.py", line 258, in provision_certificates import acme.messages File "/usr/local/lib/python3.4/dist-packages/acme/messages.py", line 4, in <module> from acme import challenges File "/usr/local/lib/python3.4/dist-packages/acme/challenges.py", line 9, in <module> import OpenSSL ImportError: No module named 'OpenSSL'