postfix/smtpd: warning: TLS library problem: 6374:error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:s3_pkt.c:1493:SSL alert number 45:
Re-running "certbot renew" does nothing.
Running "openssl x509 -enddate -noout -in" on every .crt file I can find shows expiration dates in the future, including /etc/letsencrypt/
CentOS 7.9, certbot 1.11.0 which appears to be the latest.
Rather than actually providing instructions for how to fix whatever they fucked up, they just refer you to the "support" "forum", both words of which are highly aspirational.
@letsencrypt Nothing brightens my day like users asking me why something stopped working right as I'm wrapping up for the day, only to find a service I'm forced to rely on has changed something, and the first response in the forum thread they link to tells me I'm incompetent and don't care
Update: Great news, everybody! When you run "openssl x509 -enddate -noout -in" on a file that has a thousand certs in it, it only reports on the first one! Because obviously that's exactly what you'd want and expect. So it looks like /etc/