My Mail In A Box SSL certificate expired and now I cannot access the box securely. I am still able to login using SSH however I have tried to no avail how to renew SSL certificate. My setup is as follows:
Mail In A Box: (IP Address 1) box.[mydomain].com
Webserver (IP Address 2) www.[mydomain].com
After trying several different methods, the following worked in creating a valid certificate for my MIAB server:
Did you try the recommended method of running the proper script?
script from the mailinabox/management directory
What method did you try that created the certificate? It almost appears that you installed certbot as the location of the certificates is the default letsencrypt location whilst Mail-in-a-Box stores the certificates in /home/user-data/ssl/
You can disable HSTS in Firefox by following ‘Method 4’ in this article:
Doing so will allow you to access your admin page to go to the System>TLS (SSL) Certificates page.
However, the more important question that needs to be explored is why the certificate was not automatically renewed by MiaB.
Thank you for the pointers. I spent a fair amount of time trying to figure this out and here is what actually resolved the issue: Thank you for the clarification on where the certificates are installed. I did not know that although I had observed several locations with the certificate files. I think the original issue is because the terms of service for letsencrypt had not been agreed to. At least that was the error message that kept coming up when I was manually running the script to renew certificates (at least I think)
~/mailinabox/management$ sudo ./ssl_certificates.py
Provisioning TLS certificates for
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
You should register before running non-interactively, or provide --agree-tos and --email <email_address> flags.