I use a containerized version of postfix via https://github.com/tomav/docker-mailserver .
I don’t use their system to update the letsencrypt certificate , but I have caddyserver.com generating it for me.
I just restart the email server with volume mounts pointing to the newly generated cert.
The container use dovecot for imap, and it works great. But for postfix, it doesn’t.
Here are the details.
My domain is: mail.evereska.org
I ran this command:
openssl s_client -connect mail.evereska.org:465
It produced this output:
CONNECTED(00000003) 140335235655320:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 305 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1567176612 Timeout : 300 (sec) Verify return code: 0 (ok) ---
My mail server is (include version): postfix (3.1.12-0+deb9u1)
The operating system my mail server runs on is (include version): debian 9.9 (container from https://github.com/tomav/docker-mailserver)
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no