[CentOS] Certificates

Sun Sep 2 05:15:44 UTC 2018
Gordon Messmer <gordon.messmer at gmail.com>

I use something like this script to renew my SMTP and IMAP certificates 
(/etc/cron.weekly/certbot-renew):

#!/bin/sh

hostcert=/etc/letsencrypt/live/mail.example.com
certlink="$(readlink "${hostcert}/cert.pem")"

test -x /usr/bin/certbot || exit 72

certbot certonly --quiet --standalone --keep-until-expiring \
     -d mail.example.com \
     -d imap.example.com \
     --email postmaster at example.com \
     --agree-tos --expand

# Exit if the cert hasn't been updated
test "${certlink}" = "$(readlink "${hostcert}/cert.pem")" && exit

cat ${hostcert}/fullchain.pem ${hostcert}/privkey.pem > 
/usr/lib/courier/share/esmtpd.pem
cat ${hostcert}/fullchain.pem ${hostcert}/privkey.pem > 
/usr/lib/courier/share/imapd.pem
systemctl restart courier