[BUG] Let's encrypt certificate renew not recognised. mailserver uses old one and not updated one.  #2239

@zaphoodb

Description

Miscellaneous first checks

  • I checked that all ports are open and not blocked by my ISP / hosting provider.
  • I know that SSL errors are likely the result of a wrong setup on the user side and not caused by DMS itself. I'm confident my setup is correct.

Affected Component(s)

mailserver does not use renewed let's encrypt certificate

What happened and when does this occur?

I'm using traefik v2 to get and renew certificates. The traefik json which holds the certificates has been mounted as volume into the mailserver docker container. When the certificate gets renewed by traefik (~4 weeks before expiry), the mailserver does not recognise this certificate and keeps using the old one. 

I checked the certificate with https://www.checktls.com/TestReceiver and it still shows the old one. Opening the website that uses the same hostname and certificate, it shows the renewed one.

When I do a restart of the docker container, the new certificate is recognized and from there on used.

What did you expect to happen?

docker mailserver should recognise the updated / renewed certificate (by traefik2) without restarting the container.

How do we replicate the issue?

1. Set up traefik2, nginx webserver and docker mailserver as described in the documentation
2. Wait until the Let's Encrypt certificate gets renewed by traefik2
3. Check that mailserver does not pick up the renewed certificate
...

DMS version

v10.1.2

How much RAM is available to DMS explicitly?

more than 4GB

How many CPU cores are available?

less than 4 Cores

Is DMS running in a virtualized environment?

... a virtual private server (VPS) (with virtual CPU cores)

What operating system is DMS running on?

Linux

What instruction set architecture is DMS running on?

x86_64 / AMD64

I/O - Persistent memory

docker volume mount ext4

What container orchestration tool are you using?

Docker Compose

Docker version

No response

Docker Compose version

docker-compose version 1.28.5

The output of uname -a

Linux 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2021-07-18) x86_64 GNU/Linux

Important environment variables

Mount point within my docker-compose file: 

      - /data/acme/:/etc/letsencrypt/

I tried 

      - /data/acme/acme.json:/etc/letsencrypt/acme.json:ro

last time but same result.

Relevant log output

No response

Other relevant information

No response

What level of experience do you have with Docker and mail servers?

Trust me, I'm a (computer) engineer! [expert]

Code of conduct

Improvements to this form?

No response
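
The stale-certificate condition reported above can be checked without a third-party site by comparing the fingerprint of the leaf certificate stored in `acme.json` with the one the mail server presents after STARTTLS. This is an added example, not part of the issue or of DMS; it assumes the Traefik v2 `acme.json` layout (resolver name, then `Certificates`, each with `domain` and a base64-encoded PEM chain), and the resolver name, domain and certificate bytes in the sample are constructed.

```python
import base64, hashlib, json, re, smtplib, ssl

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def leaf_der_from_acme(acme_text, domain):
    """Return the DER bytes of the leaf certificate stored for `domain`."""
    for resolver in json.loads(acme_text).values():    # one entry per resolver
        for entry in resolver.get("Certificates") or []:
            dom = entry["domain"]
            if domain in [dom["main"], *(dom.get("sans") or [])]:
                chain_pem = base64.b64decode(entry["certificate"]).decode()
                first = PEM_RE.search(chain_pem)        # leaf is first in the chain
                return base64.b64decode("".join(first.group(1).split()))
    raise KeyError(f"no certificate for {domain} in acme.json")

def fingerprint(der):
    return hashlib.sha256(der).hexdigest()

def served_der_smtp(host, port=25, timeout=10):
    """Fetch the certificate the mail server presents after STARTTLS."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # only the bytes are compared here,
    ctx.verify_mode = ssl.CERT_NONE  # so chain validation is skipped
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.starttls(context=ctx)
        return smtp.sock.getpeercert(binary_form=True)

def is_stale(acme_text, domain, served_der):
    """True when the server still presents a different leaf than acme.json holds."""
    return fingerprint(leaf_der_from_acme(acme_text, domain)) != fingerprint(served_der)

# Constructed sample: placeholder bytes stand in for real DER certificates.
OLD_DER, NEW_DER = b"constructed-old-leaf", b"constructed-renewed-leaf"

def sample_acme(domain, leaf_der, issuer_der=b"constructed-issuer"):
    """Build a minimal acme.json text in the assumed Traefik v2 layout."""
    pem = "".join(
        "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n"
        % base64.b64encode(d).decode() for d in (leaf_der, issuer_der))
    return json.dumps({"letsencrypt": {"Certificates": [
        {"domain": {"main": domain},
         "certificate": base64.b64encode(pem.encode()).decode()}]}})
```

Against a live server, pass `served_der_smtp("mail.example.test")` as the third argument of `is_stale`; a `True` result after a renewal is the condition this issue describes.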
