5209R/5210R: SSL related YUM updates

Posted by: mstauber Category: General

YUM updates related to Let's Encrypts expired root certificate have been published.

In response to [BlueOnyx:25128] (and following) I just published YUM updates for BlueOnyx 5209R and 5210R:

Click to see the code changes in SVN


Modified glue/handlers/copy_certs.pl to conditionally merge ca-cert into dovecot.pem - provided we have intermediates.

This takes care of the fact that Dovecot doesn't use the intermediate ca.pem (via the "ssl_ca" line) when Dovecot acts as a server. Merging the ca.pem into dovecot.pem helps us to get around that.


Updated ACME to the latest version (3.0.1), added requirement for the "socat" RPM (now required by ACME) and automatically set ACME's default-ca to "letsencrypt" to use the new LE API URLs.

Sep 30, 2021 Category: General Posted by: mstauber
Previous page: Development Next page: Mailing List