Manually copy Let’s Encrypt Certificates to Dovecot and Postfix

To manually copy your certificates to dovecot and postfix so that your mail clients do not display a warning about bad certificates follow these steps.

You will want to copy the latest certificate which will be located in the folder name starting with your primary domain followed by largest the iteration number.

 

Copy your private keys

cp /etc/letsencrypt/archive/server1.domain.ca-0005/privkey1.pem /etc/dovecot/private/dovecot.pem
cp /etc/letsencrypt/archive/server1.domain.ca-0005/privkey1.pem /etc/postfix/postfix.key.pem

Copy your certificates

cp /etc/letsencrypt/archive/server1.domain.ca-0005/cert1.pem /etc/dovecot/dovecot.pem
cp /etc/letsencrypt/archive/server1.domain.ca-0005/cert1.pem /etc/postfix/postfix.cert.pem

Copy your fullchain

cp /etc/letsencrypt/archive/server1.domain.ca-0005/fullchain1.pem /etc/dovecot/dovecot.ca.pem
cp /etc/letsencrypt/archive/server1.domain.ca-0005/fullchain1.pem /etc/postfix/postfix.ca.pem

 

Restart the Services

service dovecot restart

service postfix restart

 

Fix X2GO keyboard mapping MacOSX, Ubuntu, Mint, VirtualBox keyboard layout

Many posts written about this topic.

The solution that will work is to add a keyboard mapping on the host machine that you will connect to.

This new keyboard layout must be the only keyboard layout on the system. If another keyboard layout is in the list you will want to remove it as it may be the cause of the issues.

Once your client and host both have the same keyboard layouts installed you will need to end your x2go session and restart it for the keyboard mapping to take effect.

 

VirtualMin SSL v3 Poodle Fix VirtualMin SSL v3 Poodle Fix

 

Apache

In RHEL/CentOS, edit /etc/httpd/conf.d/ssl.conf.

In Ubuntu/Debian, edit /etc/apache2/mods-enabled/ssl.conf.

Look for a line beginning with SSLProtocol, it should look something like this:

SSLProtocol all -SSLv2

You need to modify it to look like this:

SSLProtocol all -SSLv2 -SSLv3

And then restart Apache:

RHEL/CentOS: /etc/init.d/httpd restart

Ubuntu/Debian: /etc/init.d/apache2 restart

Webmin/Virtualmin

Webmin will correct this issue automatically in the future. In the meantime, to disable SSLv3, edit this file:

/etc/webmin/miniserv.conf

And add the following line to the end:

ssl_version=10

Then restart Webmin:

/etc/init.d/webmin restart

Usermin

Edit this file:

/etc/usermin/miniserv.conf

And add the following line to the end:

ssl_version=10
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+SSLv3:!SSLv2:!MD5:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

Then restart Usermin:

/etc/init.d/usermin restart

 

Webmin

Edit this file:

/etc/webmin/miniserv.conf

And add the following line to the end:

ssl_version=10
ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list=ECDHE-RSA-AES256-SHA384:AES256-SHA256:AES256-SHA256:RC4:HIGH:MEDIUM:+TLSv1:+SSLv3:!SSLv2:!MD5:!ADH:!aNULL:!eNULL:!NULL:!DH:!ADH:!EDH:!AESGCM

Then restart Usermin:

/etc/init.d/webmin restart

 

Creds: https://www.virtualmin.com/node/34811