How do I prevent ispconfig to remove/change the certificates from my postfix main.cf

Discussion in 'Installation/Configuration' started by Bonzo, Nov 27, 2020.

  1. Bonzo

    Bonzo New Member

    After every ispconfig update, ispconfig removes my certificates from main.cf and replaces them with the generic, self-signed smtpd.key and smtpd.cert. Any way to prevent this except symlinking the proper certs to smtp.* certs ? Any text field I can say, take this cert for the mail server.
    Same is happening with the dovecot configuration.
     
    Bonzo, Nov 27, 2020
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Do not change your main.cf file, instead replace the cert file content of the certs generated by ISPConfig.
     
    till, Nov 27, 2020
    #2
  3. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    Why won't you use symlinks?
     
    Th0m, Nov 27, 2020
    #3
  4. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    And for a third solution, you could use a conf-custom template to specify a different smtpd_tls_cert_file and smtpd_tls_key_file. (Either of the other two would likely be preferred as you don't have to maintain a custom template in future ispconfig updates.)
     
    Jesse Norell, Nov 27, 2020
    #4
  5. Bonzo

    Bonzo New Member

    Thinking it thru after your answers, I guess a symlink is the most hassle-free solution. There is a reason/problem I have with symlinks because I have the certificate creation/renewal/removal in a custom developed solution and outside ispconfig. That said, yes, symlinking will save me a lot more time in the long run.
     
    Bonzo, Nov 28, 2020
    #5
    ahrasis and Th0m like this.

Share This Page