Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: wickenburg.us
I ran this command: n/a
It produced this output: n/a
My web server is (include version): n/a
The operating system my web server runs on is (include version): Centos 6.10 kvm
My hosting provider, if applicable, is: JustHost
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): mixture of cPanel/WHM 82.017 and root shell
The version of my client is (e.g. output of
certbot --version or
certbot-auto --version if you’re using Certbot): certbot 0.39.0 (certbot-auto)
I am NOT an experienced server admin. I paid for this VM exclusively to avoid having my mail server blacklisted every time JustHost let another spammer onto their shared hosting.
I installed a letsencrypt certificate some time back, and it has been working for all services and auto-renewing fine.
Today, I started getting messages that the certificates were bad on my SMTP service. Instead of the mail client seeing my certificates, it seems to be fetching a generic justhost certificate.
I see my certificates were auto-renewed two days ago. About a month ago, I transferred two of my domain names (that were also on my combined certificate) to another organization, without recreating my existing certificate, which may or may not have had something to do with this issue.
I went back and used the instructions at https://certbot.eff.org/lets-encrypt/centos6-apache to recreate the certificate from scratch. It worked 100% fine with no errors (a first for me). The certificate it created appears to be just what I asked for. However, it seems to apply only to apache and web traffic. My mail server is apparently still using the certificate generated two days ago, which appears to have all the right information in it (according to WHM) but in practice my mail client is giving me messages like, “Mail can’t verify the identity of the server libertyhaven.com… the certificate for this server is invalid…” and showing a generic justhost certificate in the details.
I tried using WHM to replace the existing mail certificate with the one I created today, but WHM allows you only to “browse” existing certificates, and apparently the places it browses don’t include /etc/letsencrypt.
Is the certificate I have suitable for use by EXIM, Dovecot, Calendars, etc., or is it only good for HTTPS traffic? If the answer is yes, how do I get WHM to pick it up?