From 8d7abb4f0c3485eb4e18e9d32a5165e0d4916b52 Mon Sep 17 00:00:00 2001 From: Markus Hauschild Date: Wed, 6 Apr 2016 18:00:23 +0200 Subject: [PATCH] Fix certificate/CA handling. --- roles/certmgr/templates/acme.conf.j2 | 1 + roles/mail/templates/certs.j2 | 8 ++++---- roles/mail/templates/dovecot/local.conf.j2 | 2 +- roles/mail/templates/mailman/certs.j2 | 6 +++--- roles/mail/templates/postfix/main.cf.j2 | 2 +- 5 files changed, 10 insertions(+), 9 deletions(-) diff --git a/roles/certmgr/templates/acme.conf.j2 b/roles/certmgr/templates/acme.conf.j2 index 511dde1..c0488bb 100644 --- a/roles/certmgr/templates/acme.conf.j2 +++ b/roles/certmgr/templates/acme.conf.j2 @@ -6,3 +6,4 @@ ttl_days: 30 authority: "https://acme-v01.api.letsencrypt.org" defaults: + cafile: /etc/acme/lets-encrypt-x3-cross-signed.pem diff --git a/roles/mail/templates/certs.j2 b/roles/mail/templates/certs.j2 index f0156ad..4b21196 100644 --- a/roles/mail/templates/certs.j2 +++ b/roles/mail/templates/certs.j2 @@ -6,22 +6,22 @@ group: postfix perm: '400' format: crt - notify: 'service postfix reload' + notify: 'service postfix restart' - path: /etc/postfix/ssl/{{ mail_server }}.key user: postfix group: postfix perm: '400' format: key - notify: 'service postfix reload' + notify: 'service postfix restart' - path: /etc/dovecot/ssl/{{ mail_server }}.crt user: dovecot group: dovecot perm: '400' format: crt - notify: 'service dovecot reload' + notify: 'service dovecot restart' - path: /etc/dovecot/ssl/{{ mail_server }}.key user: dovecot group: dovecot perm: '400' format: key - notify: 'service dovecot reload' + notify: 'service dovecot restart' diff --git a/roles/mail/templates/dovecot/local.conf.j2 b/roles/mail/templates/dovecot/local.conf.j2 index 0460c79..8b119f5 100644 --- a/roles/mail/templates/dovecot/local.conf.j2 +++ b/roles/mail/templates/dovecot/local.conf.j2 @@ -18,7 +18,7 @@ mail_gid = vmail ssl = yes ssl_cert =