diff -Nur --no-dereference e-smith-base-5.8.1.old/createlinks e-smith-base-5.8.1/createlinks
--- e-smith-base-5.8.1.old/createlinks 2021-06-06 16:30:37.000000000 -0400
+++ e-smith-base-5.8.1/createlinks 2021-11-23 23:25:51.831000000 -0500
@@ -304,6 +304,10 @@
 event_link("remove-templates-custom", $event, "02");
 templates2events("/etc/smartd.conf", $event);
 templates2events("/home/e-smith/ssl.pem/pem", $event);
+templates2events("/etc/raddb/certs/radiusd.pem", $event);
+templates2events("/service/qpsmtpd/ssl/cert.pem", $event);
+templates2events("/etc/dovecot/ssl/imapd.pem", $event);
+templates2events("/etc/openldap/ssl/slapd.pem", $event);
 templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event);
 event_link("fix-startup", $event, "05");
 event_link("rotate_timestamped_logfiles", $event, "05");
@@ -329,6 +333,13 @@
 safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dhcpd");
 safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/rsyslog");
 safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/crond");
+# because of certs
+safe_symlink("reload", "root/etc/e-smith/events/$event/services2adjust/httpd-e-smith");
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/dovecot");
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/qpsmtpd");
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/sqpsmtpd");
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/radiusd");
+safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/ldap");
 #--------------------------------------------------
 # actions for console-save event
diff -Nur --no-dereference e-smith-base-5.8.1.old/root/usr/share/perl5/vendor_perl/esmith/ssl.pm e-smith-base-5.8.1/root/usr/share/perl5/vendor_perl/esmith/ssl.pm
--- e-smith-base-5.8.1.old/root/usr/share/perl5/vendor_perl/esmith/ssl.pm 2021-06-06 16:30:37.000000000 -0400
+++ e-smith-base-5.8.1/root/usr/share/perl5/vendor_perl/esmith/ssl.pm 2021-11-23 23:18:53.220000000 -0500
@@ -6,7 +6,7 @@
 our @ISA = qw(Exporter);
-our @EXPORT = qw( key_exists_good_size cert_exists_good_size cert_is_cert key_is_key related_key_cert);
+our @EXPORT = qw( key_exists_good_size cert_exists_good_size cert_is_cert key_is_key key_is_ec related_key_cert);
 my $configdb = esmith::ConfigDB->open_ro or die "Could not open accounts db";
 our $SystemName = $configdb->get('SystemName')->value;
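Review bot: The comment `# because of certs` above the new services2adjust links in the @@ -329 hunk of createlinks does not say which certificates are meant or why httpd-e-smith gets `reload` while the other five services get `restart`. Presumably these links pair with the PEM templates added in the @@ -304 hunk; a comment such as `# the certificate templates expanded for this event feed these daemons; restart them (reload is enough for httpd) so they load the regenerated PEM` would make that link explicit. The event these lines belong to is assigned outside the hunk, so whether restarting ldap, radiusd and the mail daemons on every run of it is acceptable cannot be judged from here.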
@@ -51,7 +51,8 @@
 {
 #print "$key exists\n";
 # check key size openssl rsa -in /home/e-smith/ssl.key/$host.$domain.key -text -noout | sed -rn "s/Private-Key: \((.*) bit\)/\1/p"
- my $signatureKeySize = `openssl rsa -in $key -text -noout | grep "Private-Key" | head -1`;
+ my $algo = (key_is_ec($key)) ? 'ec' :'rsa';
+ my $signatureKeySize = `openssl $algo -in $key -text -noout | grep "Private-Key" | head -1`;
 chomp $signatureKeySize;
 $signatureKeySize =~ s/^ *Private-Key: \((.*) bit\)/$1/p;
 if ( $signatureKeySize == $KeySize ) {
@@ -122,6 +123,7 @@
 open my $oldout, ">&STDERR"; # "dup" the stdout filehandle
 close STDERR;
 my $exit_code=system("openssl","rsa", "-noout", "-in", "$key");
+ $exit_code=system("openssl","ec", "-noout", "-in", "$key") unless ($exit_code==0);
 open STDERR, '>&', $oldout; # restore the dup'ed filehandle to STDOUT
 if ($exit_code==0){
 #print "key is a key\n";
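Review bot: The rewritten backtick line in the @@ -51 hunk still interpolates `$key` into a shell pipeline (`openssl $algo -in $key -text -noout | grep ... | head -1`), so a key path containing whitespace or shell metacharacters is interpreted by the shell, whereas key_is_key in the same module already calls openssl through list-form `system`. A list-form pipe keeps the path out of the shell: `open my $fh, '-|', 'openssl', $algo, '-in', $key, '-text', '-noout' or die "openssl: $!";` followed by `my ($signatureKeySize) = grep { /Private-Key/ } <$fh>;`. Separately, an EC key reports its curve size, so the unchanged `$signatureKeySize == $KeySize` test will presumably fail for EC keys if `$KeySize` holds an RSA length; `$KeySize` and the start and end of the enclosing sub are outside the hunk.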
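Review bot: In the @@ -122 hunk key_is_key now tries `openssl rsa` and then `openssl ec`, which hard-codes two key types and spawns two processes for every EC key. `openssl pkey` parses any supported private-key type, and this commit already relies on it in related_key_cert, so a single `my $exit_code=system("openssl","pkey", "-noout", "-in", "$key");` would replace both calls. The surrounding context comments say stdout although the lines duplicate and close STDERR; `# save STDERR so openssl's error output is silenced` and `# restore STDERR` would match the code. The sub begins and ends outside the hunk.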
@@ -131,14 +133,31 @@
 return 0;
 }
+sub key_is_ec {
+ my $key = shift || "/home/e-smith/ssl.key/$FQDN.key";
+ if ( -f $key )
+ {
+ open my $oldout, ">&STDERR"; # "dup" the stdout filehandle
+ close STDERR;
+ my $exit_code=system("openssl","ec", "-noout", "-in", "$key");
+ if ($exit_code==0){
+ #print "key is a key\n";
+ return 1;
+ }
+ }
+ return 0;
+}
+
 sub related_key_cert {
 my $key = shift || "/home/e-smith/ssl.key/$FQDN.key";
 my $crt = shift || "/home/e-smith/ssl.crt/$FQDN.crt";
 if ( key_is_key($key) and cert_is_cert($crt) )
 {
 # check the cert and the key are related, if key has been changed, then we need to change the cert
- my $crt_md5 = `openssl x509 -noout -modulus -in $crt | openssl md5`;
- my $key_md5 = `openssl rsa -noout -modulus -in $key | openssl md5`;
+ #my $crt_md5 = `openssl x509 -noout -modulus -in $crt | openssl md5`;
+ #my $key_md5 = `openssl rsa -noout -modulus -in $key | openssl md5`;
+ my $crt_md5 = `openssl x509 -pubkey -noout -in $crt | openssl md5`;
+ my $key_md5 = `openssl pkey -pubout -in $key | openssl md5`;
 #print "$key_md5 eq $crt_md5\n";
 return 1 if $key_md5 eq $crt_md5;
 }
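Review bot: key_is_ec closes STDERR and never reopens it: the added sub copies `open my $oldout, ">&STDERR"; close STDERR;` from key_is_key but leaves out the restoring `open STDERR, '>&', $oldout;`, and its `return 1` would skip a restore placed after the `if` anyway. After the first call (the size check in the @@ -51 hunk now calls it) the process has no stderr, so later warnings and openssl errors are lost and descriptor 2 is free for whatever file is opened next. Capture the status, restore, then return: `my $exit_code=system("openssl","ec", "-noout", "-in", "$key");`, `open STDERR, '>&', $oldout;`, `return 1 if $exit_code==0;`. In related_key_cert the two new backtick pipelines still pass `$crt` and `$key` through the shell, and if both openssl calls print nothing the two md5 strings are identical and the sub reports a match, so comparing the `-pubkey`/`-pubout` output directly and requiring it to be non-empty would be safer. The end of related_key_cert is outside the hunk.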