modoboa letsencrypt renewal failure

Solution

Let's encrypt automatic renewal fails at first expiry date after modoboa install

Environment: CentOS 7.9.2009, Modoboa V1.17

Issue webroot not set in /etc/letsencrypt/renewal/domain.name.conf

Add the following lines to the conf

webroot_path = /srv/modoboa/instance/sitestatic
[[webroot_map]]
domain.name = /srv/modoboa/instance/sitestatic

Create the letsencrypt verification target folder in the webroot

mkdir /srv/modoboa/instance/sitestatic/.well-known

Add the .well-known location to /etc/nginx/conf.d/domain.name.conf file as follows

#snippets from nginx virtual server conf file
server {
  listen 80;
  server_name domain.name;
  location / {
    rewrite ^ https://$server_name$request_uri? permanent;
  }
  location /.well_known/ {
    alias /srv/modoboa/instance/sitestatic/.well_known/;
  }
}

server {
  listen 443 ssl;
  location /.well-known/ {
    alias /srv/modoboa/instance/sitestatic/.well-known
  }

Force the renewal

certbot renew --no-self-upgrade --force-renewal

The automatic update command resides within /etc/cron.d/letsencrypt

Finally restart the web server and postfix

systemctl restart nginx

systemctl restart postfix
systemctl restart dovecot

Was this article helpful? yes / no

Install NGinX and PHP on Windows

Article details

Article ID:	180
Category:	Linux
Date added:	16-05-2022 16:56:50
Views:	659
Rating (Votes):	(0)

« Go back