Page 2 of 2
Re: ssl / mail / hostname / certificate trouble
Posted: Mon Jul 27, 2015 2:47 pm
by skurudo
user_chris wrote:small mistake big impact
// I think that was also the problem of the first attempt of mine?!
Nope, it's just happen ;-)
Re: ssl / mail / hostname / certificate trouble
Posted: Thu Jan 07, 2016 12:16 am
by BBuchanan1013
I know this is an older post but I have working instructions:
I copied / pasted information over from nginx
Make sure your SSL is working on the panel. I had to rename my domains crt to pem (this is in /usr/local/vesta/nginx/conf/nginx.conf):
Code: Select all
ssl_certificate /usr/local/vesta/ssl/ssl.domain.tld.pem;
ssl_certificate_key /usr/local/vesta/ssl/ssl.domain.tld.key;
Then restart vesta:
if it fails to start, read what ssh is telling you, on CentOS 7 you can use:
This will generally be a mismatch. Which happened to me a billion times til I figured out to rename my domain.tld.crt to ssl.domain.tld.pem and copy the key from /home/user/conf/web/ to /usr/local/vesta/ssl.domain.tld.key
Now with all that junk outta the way, time to work on the mail service.
In /etc/dovecot/conf.d/10-ssl.conf:
Code: Select all
ssl = yes
ssl_cert = </usr/local/vesta/ssl/ssl.domain.tld.pem
ssl_key = </usr/local/vesta/ssl/ssl.domain.tld.key
Restart dovecot: (note: this might take a moment, depending on the server, took me nearly 15-20 seconds)
Now onto exim:
In /etc/exim/exim.conf find the lines that start with:tls_certificate
Code: Select all
tls_certificate = /usr/local/vesta/ssl/ssl.domain.tld.pem
tls_privatekey = /usr/local/vesta/ssl/ssl.domain.tld.key
Restart exim:
Now in your email client, you can run SSL\TLS. Pop 995 and SMTP 465.
Re: ssl / mail / hostname / certificate trouble
Posted: Wed Jun 08, 2016 10:24 am
by webass
Hi,
I have just one domain which uses lets cert SSL ... it has its own webfolder and all.
And the SSL is attached in this webfolder at all.
Now, when sending email it doesnt save them in folder "sent" anymore.
But the email is sent correctly. when I just change the setting in thunderbird to SSL/TLS.
Curious
Re: ssl / mail / hostname / certificate trouble
Posted: Sat Jun 11, 2016 9:02 am
by webass
I now saw, that I can use it normally on webmail , but I cannot set the mailbox up in thunderbird.
Then I took the SSL cert out again.
Now I still cannot set a mailbox up in thunderbird.
It doesnt accept any tried setting.
Re: ssl / mail / hostname / certificate trouble
Posted: Tue Sep 06, 2016 7:31 pm
by mephivio
is it working if you have several domains on the same vesta (1 certificate per domain ?) ?
thx
Re: ssl / mail / hostname / certificate trouble
Posted: Thu Sep 29, 2016 5:14 pm
by krok
Any update on this? i cant access using different mail clients, then i get greetings errors, tls errors.
Re: ssl / mail / hostname / certificate trouble
Posted: Mon Oct 17, 2016 4:07 pm
by user_chris
mephivio wrote:is it working if you have several domains on the same vesta (1 certificate per domain ?) ?
thx
Multiple certificates for the domains is not a problem.
Mails are sent via the hostname...
Re: ssl / mail / hostname / certificate trouble
Posted: Mon Oct 17, 2016 4:09 pm
by user_chris
krok wrote:Any update on this? i cant access using different mail clients, then i get greetings errors, tls errors.
With me everything works - last week the certificate renewed
Re: ssl / mail / hostname / certificate trouble
Posted: Tue Oct 17, 2017 2:04 pm
by luckywonder
how to modify the certificate to have mail rights
SSL_CTX_use_PrivateKey_file file=/home/admin/conf/web/ssl.******************.key): error:0200100D:system library:fopen:Permission denied
when updating my permissions to root:root, but I need to have privileges root:mail
Re: ssl / mail / hostname / certificate trouble
Posted: Thu Apr 30, 2020 9:54 am
by SPEC1AL1ST
I have error: "SSL error: Leaf certificate is self-signed"
What i need to do?