From 41ac878f5c38dc081d1f49b1113613e698cd5c54 Mon Sep 17 00:00:00 2001
From: Quentin Duchemin <quentinduchemin@tuta.io>
Date: Thu, 3 Sep 2020 15:52:19 +0200
Subject: [PATCH] [Mail] Use full chain instead of single cert for mail server

See https://community.letsencrypt.org/t/cannot-verify-domain-with-openssl/11545
---
 pica-mail/pica-mail-mda/Dockerfile | 2 +-
 pica-mail/pica-mail-mta/Dockerfile | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pica-mail/pica-mail-mda/Dockerfile b/pica-mail/pica-mail-mda/Dockerfile
index 1b04228..78091ab 100644
--- a/pica-mail/pica-mail-mda/Dockerfile
+++ b/pica-mail/pica-mail-mda/Dockerfile
@@ -22,7 +22,7 @@ ENV USER_FILTER (uid=%n)
 ENV PASSWORD_FILTER (uid=%n)
 # SSL
 # L'antislash "\" est nécessaire devant le slash "/" !
-ENV SSL_CERT "\/certs-ssl\/cert.pem"
+ENV SSL_CERT "\/certs-ssl\/fullchain.pem"
 ENV SSL_KEY "\/certs-ssl\/privkey.pem"
 
 COPY fichiers_de_configuration.sh /
diff --git a/pica-mail/pica-mail-mta/Dockerfile b/pica-mail/pica-mail-mta/Dockerfile
index d3a4b77..9937665 100644
--- a/pica-mail/pica-mail-mta/Dockerfile
+++ b/pica-mail/pica-mail-mta/Dockerfile
@@ -47,7 +47,7 @@ ENV LMTP_PORT 24
 ENV SMTPD_CLIENT_RESTRICTIONS reject_rbl_client sbl.spamhaus.org, reject_rbl_client dnsbl.sorbs.net
 
 # SSL
-ENV SSL_CERT "/certs-ssl/cert.pem"
+ENV SSL_CERT "/certs-ssl/fullchain.pem"
 ENV SSL_KEY "/certs-ssl/privkey.pem"
 
 #configuration de OpenDKIM
-- 
GitLab