Carbonio Email Service provider

Have a Question?

Carbonio may renew certificates manually using the normal certbot interface or automatically.

Manual renewal.

The manual renewal process entails running the command certbot renew on the Node and installing the Proxy Role.

If your Carbonio architecture contains numerous Proxy Nodes, first determine the one responsible for certificate management, using command.

If the result contains something like the following, you are on the correct Node:

To renew the Let’s Encrypt certificate, execute the command

This operation attempts to renew any previously obtained certificates that will expire in less than 30 days.

Automatic renewal.

Carbonio provides two facilities for automatically renewing the Let’s Encrypt certificate: carbonio-certbot.timer, which is deactivated by default, and carbonio-certbot.service.

To see the status of the timer, launch command.

If the output is similar to the following, the timer is disabled:

To enable the timer, give the command.

The command systemctl status carbonio-certbot.timer should now display as active in its output, for example:

If you now list all of the timings, you will see when the certbot last ran and when it will run again.

You will notice in the output:

Finalise Renewal

Once the certificate has been reissued, execute the two deployment instructions.

If you have more than one proxy node, perform the two instructions on each one.