SSL Certificate not updating

cluelessnyc · September 13, 2020, 6:44pm

So I’m running MiAB on Ubuntu 14.04 without a problem for 4 years. Then all of a sudden on Friday Sept 11 the SSL certificated expired and won’t update. I run MiAB install again on that box and get the following error. Any guidance on fixing this? BTW - on a parallel server, I installed Ubuntu 18.XX with MiAB 4.0. Getting same SSL issues.

14:15:59.790639 * SSL certificate problem: unable to get local issuer certificate

0 0 0 0 0 0 0 0 --:–:-- --:–:-- --:–:-- 0*
14:15:59.790794 * Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a “bundle”

of Certificate Authority (CA) public keys (CA certs). If the default*
bundle file isn’t adequate, you can specify an alternate file*
using the --cacert option.*
If this HTTPS server uses a certificate signed by a CA represented in
the bundle, the certificate verification probably failed due to a*
problem with the certificate (it might be expired, or the name might*
not match the domain name in the URL).*

alento · September 13, 2020, 8:15pm

I think that the real question here needs to be why the SSL certificate did not update. For that you will need to review the Let’s Encrypt logs.

I’m not going to say anything about using a version of MiaB that is now over a year and a half End of Life. That honestly, is not the biggest concern here - but definitely needs to be addressed.

box · September 14, 2020, 11:43am

I have had same problem, so decided to upgrade 2day …

box · September 16, 2020, 8:17am

So I have tried to upgrade from v0.28 to v0.48 and that did not work as expected …
Here is what has worked for me:

upgrade to latest version running on 14.04 which is 0.30
mv ./mailinabox ./mailinabox.v28
git clone -b v0.30 https://github.com/mail-in-a-box/mailinabox.git
cd mailinabox
git checkout
setup/start.sh
BackUp everything
Get the 18.04 running
Install v0.40
sudo git clone -b v0.40 https://github.com/mail-in-a-box/mailinabox.git
cd mailinabox
sudo git checkout
sudo setup/start.sh
Restore your BackUp of MIAB (I have back up to NAS)
cd /mnt/NAS/.MIAB/20200914T145140Z-v0.30
export PASSPHRASE=$(cat secret_key.txt)
sudo -E duplicity restore --force file:///mnt/NAS/.MIAB/20200914T145140Z-v0.30/backup/encrypted /home/user-data/
Run the script
~/mailinabox/setup/start.sh
Remove/Backup old certs
cd /home/user-data/
sudo tar cpf old-ssl.tar ssl
sudo rm -r ./ssl/*
Generate new ones (possibly before they expire, or will it make a difference??)
~/mailinabox/management/ssl_certificates.py

alento · September 16, 2020, 12:04pm

Nice job @box! I am sure that this will come in handy for several people. Thanks for posting this!

system · September 23, 2020, 12:04pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.