Vesta Control Panel - Forum

Hello,

I've got a problem with the SSL certificate.
This has been registered and is applied in Vesta-user area:
(home/user1/conf/web/ .. ca; crt; key; pem // comodo)

when calling the domain:
https://domain.tld and https://www.domain.tld

it works well.


What does not work:

when connecting to the mail program is the error no valid certificate
- Goes back to the root certificate. (/usr/local/vestal/ssl/ ..crt ; key)

IMAP hostname: domain.tld
IMAP port: 993
IMAP ssl: YES
IMAP security: STARTTLS
IMAP auth method: Normal password

SMTP hostname: domain.tld
SMTP port: 465
SMTP ssl: YES
SMTP security: STARTTLS
SMTP auth method: Normal password

as the sign in the Panel: https://domain.tld:8083 and https://www.domain.tld: 8083
- Goes back to the root certificate. (/usr/local/vestal/ssl/ ..crt ; key)

Can anyone help? Thanks!

Hi.

/usr/local/vesta/nginx/conf/nginx.conf - add path with certs for VestaCP (same as your working fine site) - ssl_certificate and ssl_certificate_key
and
/etc/exim4/exim4.conf.template -- tls_certificate and tls_privatekey

Thanks Skurudo,

I have several users, each with a certificate

(home/user1/conf/web/ .. ssl.domain1.tld.ca; crt; key; pem)
(home/user2/conf/web/ .. ssl.domain2.tld.ca; crt; key; pem)

Can I specify a dynamic path or I need to one for each domain/user ?

/usr/local/vesta/nginx/conf/nginx.conf
/etc/exim4/exim4.conf.template

Chris

user_chris wrote: Can I specify a dynamic path or I need to one for each domain/user ?

Chris, nope, not so simple. There's a way to use different certificates, but in pair IP+certificate for exim.

In /usr/local/vesta/nginx/conf/nginx.conf need to use different server settings.

It's non-automatic way, I think.

So now I found a solution ...

First I changed the paths which has partially works:

/usr/local/vesta/nginx/conf/nginx.conf Login to the panel with the right certificate.

/etc/exim4/exim4.conf.template The mail server has received but not sent.

etc/dovecot/conf.d/10-ssl.conf Here the correct certificate in IMAP was used in the mail program.

With the configuration therefore only partially satisfied.
So all the paths back to standard.

/usr/local/vesta/ssl
Here I have now saved the COMODO certificates and renamed

ssl.domain.tld.crt —> certificate.crt
ssl.domain.tld.key —> certificate. key

Now, the certificates are used properly

user_chris wrote:So now I found a solution ...

Ok, it's nice solution. I think before, you'll use two or more certificates for mail

I update new vesta
and my solution no longer works
mails are no longer sent

the certificate is, however, of startssl can that be the cause?
or somewhere must still go a .pem file?

Would also your support avail, if you can solve the problem.

thanks

mails are no longer sent

And what's in logs?

small mistake big impact

group of the file was root not mail ;)

changed - now it sent ..

// I think that was also the problem of the first attempt of mine?!