SSL certs did not update correctly for CP and mail

This has only happened so far on one of many Hestia servers I’m looking after, but I thought I’d mention it here in case it was a wider problem. And SSL certs go in 2 or 3 month cycles, so it could be the first server in a wave of them … anyway. is the domain name assigned as the system host. It is assigned to a webserver (http/https), hestia install (port 8083), and mail server (dovecot and exim).

The certificate was expiring on Jan 10th, so Letsencrypt renewed it as expected for the web domain around Dec 10th. However it didn’t update the certificate for Hestia, or the mail subsysems, so those expired this week and clients started complaining about their mail not working.

It wasn’t hard to fix. I ran:
v-change-sys-hostname (not sure if this one was necessary)
and all was good again. But it shouldn’t really have happened. Any ideas what was the cause? Is this just a weird one-off? Or is it a bug? I guess my questions will be answered if others start to experience it. But I just thought I’d post here to warn of a potential problem.

I run a script to check various SSL certs for webservers, so that reported no problems, and I didn’t pick it up until too late. I might now look at including some checks for mail server SSL certs too.

This was the magic command to test it in case anyone needs it.

openssl s_client -servername -connect | openssl x509 -noout -dates

Had the same thing happened to me, just ran v-add-letsencrypt-host and everything was fixed

Had exactly the same issue have idea why

Me too have the same problems on three different servers

Github is for bug it makes it way easier traceable…