A critical vulnerability (CVE-2019-10149) was found in Exim mail server. It allows to execute some code on victim's server with root privileges. This vulnerability affects versions from 4.87 to 4.91. If you are using Exim and haven't ordered managed service, you should urgently upgrade your version of Exim to 4.92.
Section with additional software for Vesta
Not as far as I'm aware. You would need to really setup the SSL cert on your main domain, and then get everyone to just use that (i.e mail.servername.com)
Congratz, you can register on the board and copy&paste your 3 line shell "solution" without any comment in two posts (here and viewtopic.php?p=56134#p56134). But can you answer me also a question? What will happen after 90days? If not, I will tell you: VestaCP backend will be outdated because you have to restart vesta service after changing/renewing the ssl cert.
So maybe next time: Read the thread where you are posting such a bullshit and try to understand, why it can maybe not work. Thanks.
I LOLed so hard .....
Hi sorry. I missed this post OR i overlooked ontime. I feel your point is true as need to restart the VESTA/EXIM/FTP etc.,ScIT wrote: ↑Sun Apr 29, 2018 5:24 amWhat do you do, if the let's encrypt cert will be regenerated (normaly after 2 months)? As far as I know, you have to restart the service(s) for providing the new cert, otherwise it will be outdated/invalid. That was also a point, to do this script, because it was the only way for now to restart affected services (in my envroiment vsftpd, vesta and exim4).
But, what is the current 'v-update-letsencrypt-ssl' ?
I think, the restarting of the available mandatory services are could be done with the above script as default. This will keep the script as professional. (Myself im using my server hostname, VestaCP, Exim & Vsftp all using same SSL).
Or may send a Service-Restart reminder to the root email (If the root domain SSL has updated via the above script)
Thank You Sooo Much!!! it is very helpful for me and i have solved my mail server issues....ScIT wrote: ↑Wed Nov 09, 2016 10:06 amVestaCP has now a integrated way to solve the request: viewtopic.php?f=10&t=17353
Hi @ all
For our internal VestaCP Systems I've written a short script to use the Let's Encrypt SSL Certificates for VestaCP (8083) and exim4.
First of all:
- Create your domain in WEB (for example server.domain.tld)
- Add a Let's Encrypt Certificate with v-add-letsencrypt-domain user domain
- Create and modify the script you will find here: https://git.scit.ch/rs/VestaCP-SystemSSL
Tested on Ubuntu 14.04 and Debian 8.
Please let me know if it also works for you, if you have any problems post it here or use the "Issue"-Function from our GitLab Server.
Why you should use this way instead of "create only symlinks of the cert files": viewtopic.php?p=56451#p56428
Extra Thank for this script https://git.scit.ch/rs/VestaCP-SystemSSL
I see no reason why you can't put aliases in your web domain for the mail servers you want to be in that certificate. Just add them in the aliases.