I haven’t tried updating to the latest version of MiaB yet, mainly because I have a lot of custom modifications, and I’m afraid to mess with them during our busy season (I use MiaB for my company’s email).
However, I know that support for Let’s Encrypt was recently added. I am still using my homegrown solution, which was working fine until I needed to renew the cert. I was successfully able to renew the cert using my script, and access my server’s MiaB admin panel via HTTPS without any problem.
Unfortunately, I guess port 995 didn’t get the message, because my mail clients were still receiving the old (now expired) cert. I struggled with this for a while, until as a last-ditch effort I copied the contents of cert.pem and chain.pem (which contains the renewed cert and chain) from /etc/letsencrypt/live/box.example.com/ into the admin panel, under the “replace certificate” dialog.
For some reason, this seems to have worked. My best guess is that MiaB was caching a copy of the cert somewhere else, and it was serving the old cert from this location for connections over port 995. By using “replace certificate”, I guess I updated this copy. Is this correct?
Also, will I need to do this next time I renew my cert, if I upgrade to the latest MiaB?