Ssl

Nginx, OCSP stapling, booting, systemd and Debian 9

Noticed these lines in journalctl when nginx didn’t start after a reboot: Dec 10 17:43:30 mail1 nginx[3485]: nginx: [warn] "ssl_stapling" ignored, host not found in OCSP responder "ocsp.int-x3.letsencrypt.org" in the certificate "/etc/letsencrypt/live/www.example.com/fullchain.pem" Dec 10 17:43:30 mail1 nginx[3485]: nginx: [emerg] bind() to [<IPv6 address>]:80 failed (99: Cannot assign requested address) Dec 10 17:43:30 mail1 nginx[3485]: nginx: configuration file /etc/nginx/nginx.conf test failed Dec 10 17:43:30 mail1 systemd[1]: nginx.service: Control process exited, code=exited status=1 Dec 10 17:43:30 mail1 systemd[1]: nginx.

Let's Encypt SSL Certificates with Exim, Dovecot & NGINX

I ran into two issues when setting up Let’s Encrypt SSL certificates on two of my servers - permission issues for Exim and the certbot cron job supplied by the package doesn’t handle the renew very well for nginx, exim or dovecot. Resolving Exim’s Permission Problems 1. Create a new group. I named it sslcerts. Add the exim user to that group. If you’re not using Debian, adjust the user in the command below.