STARTTLS Let's Encrypt bug (and manual fix).
Posted: 04 Oct 2017 13:33
STARTTLS fails with "4.7.0 TLS not available due to local problem" after running the Let's Encrypt installation.
The Let's Encrypt generator script works fine for the webinterface but makes a small error in the Postfix config if the system name contains any capital letters.
The generated directory doesn't have capital letters but the main.cf entries do.
I named my system EFA1.domain.tld, the created directory structure is /etc/letsencrypt/live/efa1.domain.tld/ but the entries in main.cf point to /etc/letsencrypt/live/EFA1.domain.tld/ which is a different path.
Editing /etc/postfix/main.cf to point to the correct path does fix it.
I do wonder however if the refresh script will mess things up again... We'll find out in 30 days.
The Let's Encrypt generator script works fine for the webinterface but makes a small error in the Postfix config if the system name contains any capital letters.
The generated directory doesn't have capital letters but the main.cf entries do.
I named my system EFA1.domain.tld, the created directory structure is /etc/letsencrypt/live/efa1.domain.tld/ but the entries in main.cf point to /etc/letsencrypt/live/EFA1.domain.tld/ which is a different path.
Editing /etc/postfix/main.cf to point to the correct path does fix it.
I do wonder however if the refresh script will mess things up again... We'll find out in 30 days.