New SSL certificates not used for IMAP/SMTP

Hello all,

I have problems with the installation of SSL certificates.
Here is the status:

• my mail-in-a-box system is up and running with the last version installed and no update needed or reboot required
• no error concerning the SSL renewal as far as I can see
• my SSL certificates are automatically renewed using letsencrypt
• a renewal had just taken place last week
• the new certificate is correctly used by the webinterface (admin and webmail both uses the correct certificate)
• neither imap nor smtp uses the new one
  On the server itself if I ask for the certificate used for 993 or 587 I get the old one.
  Even after a reboot the SSL certificates are not the correct one.

I tried to find answer online but to no avail.
I hope someone can help me

New info:
After further investigation, it looks like dovecot and postfix uses the certificates that are in /etc/letsencrypt/live/XXX.
The files in this directory are links to the old certificates in /etc/letsencrypt/archive/XXX.
So obviously the problems are those links but I don’t know what to do now…

Thanks,

Erik

What is “with the last version”? How did you determine /etc/letsencrypt is used?
On my system postfix and dovecot use /home/user-data/ssl/ssl_certificate.pem which is indeed a symlink, but which points to the latest version.

Thanks for the help !
You were right: it was the configuration files for dovecot and postfix that didn’t point to the correct files.
I replaced with /home/user-data/ssl/… instead of /etc/letsencrypt/… and it worked.

It’s still interesting why the configuration change was necessary. Did you edit them in the past? I think the Mailinabox setup script should provide the correct configuration.

It was my first install of a mail-in-a-box server I followed a tutorial and I guess I was instructed to modify those files as they were.
As it was mentionning /etc/letsencrypt/live/something I suppose I found it reasonable at the time and as everything was working fine I forgot about that point.