letsencrypt on mail server

Discussion in 'Tips/Tricks/Mods' started by Jesse Norell, Aug 9, 2016.

  1. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Let's Encrypt on my Debian 9 host has renewal hooks, which stop and start when renewal occurs:
    Code:
    # ls -lhR renewal-hooks/
    renewal-hooks/:
    yhteensä 12K
    drwxr-xr-x 2 root root 4,0K kesä  28  2018 deploy
    drwxr-xr-x 2 root root 4,0K kesä  28  2018 post
    drwxr-xr-x 2 root root 4,0K kesä  28  2018 pre
    
    renewal-hooks/deploy:
    yhteensä 4,0K
    -rwx---r-- 1 root root 65 kesä  28  2018 05-restart-postfix-dovecot.sh
    
    renewal-hooks/post:
    yhteensä 4,0K
    -rwx---r-- 1 root root 37 kesä  28  2018 05-start-apache.sh
    
    renewal-hooks/pre:
    yhteensä 4,0K
    -rwx---r-- 1 root root 36 kesä  28  2018 05-stop-apache.sh
    
     
    Jesse Norell likes this.
  2. Ovidiu

    Ovidiu Active Member

    Sorry to revive this old thread but those of you who follow this method, are your email clients happy?

    Although my certificate has been constantly updated I have email clients who are now complaining because of letsencrypt's root certificate change which should have happened tonight.

    I'm just wondering if anyone using this method has had any issues?
     
  3. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    I suspect the issue has to do with their (probably very outdated) clients, not what script you are using on the server to call certbot to renew certificates. Possibly you would have problems if you are running a very dated server version as well; you might ensure your ca-certificates package is current and that you're using a current certbot version (but I would expect renewal failures if your certbot client were too old).

    For what it's worth, no, I've not heard of any related client problems (yet?).
     
  4. Ovidiu

    Ovidiu Active Member

    Thanks, I figured it out. For whatever reason I had not exactly followed the step where you symlink to the fullchain cert but to the plain certificate, so after changing the symlink to point to the fullchain certificate, no more problems occurred. It's just weird that it all worked for so many years :)
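
The misconfiguration described in the post above (a mail server symlink pointing at the plain certificate instead of the fullchain file) can be checked for directly. This is an added example, not part of the original thread; the function names are hypothetical, and counting PEM blocks is a heuristic that shows whether intermediates are present, not whether the chain validates.

```shell
#!/bin/sh
# Added example: classify the certificate file a mail daemon is pointed at.
# certbot's cert.pem holds only the leaf; fullchain.pem holds leaf + intermediates.

# chain_status PATH -> prints: missing | no-cert | leaf-only | fullchain
chain_status() {
    path=$1
    # -e follows symlinks, so a dangling symlink is reported as missing
    [ -e "$path" ] || { echo missing; return 0; }
    # Count PEM certificate blocks (grep exits 1 on zero matches, hence || true)
    n=$(grep -c -e '-----BEGIN CERTIFICATE-----' "$path" || true)
    case $n in
        0) echo no-cert ;;
        1) echo leaf-only ;;   # clients must already know the intermediate
        *) echo fullchain ;;   # leaf plus at least one more certificate
    esac
}

# check_mail_certs PATH... -> one report line per path; returns 1 if any
# path does not resolve to a file carrying the full chain
check_mail_certs() {
    bad=0
    for p in "$@"; do
        st=$(chain_status "$p")
        target=$(readlink -f "$p" 2>/dev/null || echo "$p")
        printf '%s -> %s: %s\n' "$p" "$target" "$st"
        [ "$st" = fullchain ] || bad=1
    done
    return "$bad"
}

# Usage (placeholder path, substitute the file your mail server is configured with):
#   check_mail_certs /path/to/mailserver-cert-symlink
```

Run from a certbot deploy hook like the one listed earlier in the thread, a non-zero return can be used to flag the problem before the mail services are restarted.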
     
  5. dharman

    dharman ISPConfig Developer ISPConfig Developer

    I'm not sure this thread is the right one for my issue, so sorry in advance if I'm wrong.
    Is there a way to automatically add a new mail domain to the certificate in a way that every domain has its own configuration automatically accepted?
    For instance:
    My mail server has a valid LE certificate associated with the hostname: host.domaina.tld. I wish to add a new domain to that certificate: mail.second-domain.tld. So, finally the LE certificate will be valid for:
    1. host.domaina.tld
    2. mail.second-domain.tld
    3. ...and so on...
    Thank you!
     
  6. Th0m

    Th0m ISPConfig Developer Staff Member ISPConfig Developer

    See https://www.howtoforge.com/communit...nd-users-connect-to-my-e-mail-services.88472/
     
    jz_ and dharman like this.
