Update cron job used to renew Let's Encrypt cert.

en_US/howto/letsencrypt.md

@@ -221,6 +221,19 @@ ln -s /etc/letsencrypt/live/<domain>/fullchain.pem cert.pem
 ln -s /etc/letsencrypt/live/<domain>/privkey.pem key.pem
 ```
 
+If cert was renewed, `/etc/letsencrypt/live/<domain>/privkey.pem` will be
+re-created (it's a symbol link too), and it causes `/opt/iredmail/ssl/key.pem`
+linked to file under `/etc/letsencrypt/archive/`, so we need to update the
+`--post-hook` in cron job also:
+
+!!! attention
+
+    Replace `<domain>` by the real domain name.
+
+```
+1 3 * * * certbot renew --post-hook 'ln -sf /opt/letsencrypt/live/<domain>/privkey.pem /opt/iredmail/ssl/key.pem; service postfix restart; service nginx restart; service dovecot restart'
+```
+
 #### For servers deployed with the classical downloadable iRedMail installer
 
 * On RHEL/CentOS:

html/letsencrypt.html

@@ -246,6 +246,17 @@ ln -s /etc/letsencrypt/live/<domain>/fullchain.pem cert.pem
 ln -s /etc/letsencrypt/live/<domain>/privkey.pem key.pem
 </code></pre>
 
+<p>If cert was renewed, <code>/etc/letsencrypt/live/&lt;domain&gt;/privkey.pem</code> will be
+re-created (it's a symbol link too), and it causes <code>/opt/iredmail/ssl/key.pem</code>
+linked to file under <code>/etc/letsencrypt/archive/</code>, so we need to update the
+<code>--post-hook</code> in cron job also:</p>
+<div class="admonition attention">
+<p class="admonition-title">Attention</p>
+<p>Replace <code>&lt;domain&gt;</code> by the real domain name.</p>
+</div>
+<pre><code>1 3 * * * certbot renew --post-hook 'ln -sf /opt/letsencrypt/live/&lt;domain&gt;/privkey.pem /opt/iredmail/ssl/key.pem; service postfix restart; service nginx restart; service dovecot restart'
+</code></pre>
+
 <h4 id="for-servers-deployed-with-the-classical-downloadable-iredmail-installer">For servers deployed with the classical downloadable iRedMail installer</h4>
 <ul>
 <li>On RHEL/CentOS:</li>