We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Hostname with expired SSL certificate
Hostname with expired SSL certificate
Hello,
I'm trying to connect to my mail server, but the SSL certificate has expired:
How can I fix this?
Thank you!
I'm trying to connect to my mail server, but the SSL certificate has expired:
How can I fix this?
Thank you!
Re: Hostname with expired SSL certificate
How can I do that?XoXiLhJ0mn wrote:Create a new SSL certificate locally on your server. Whats your problem?
Re: Hostname with expired SSL certificate
Hello,XoXiLhJ0mn wrote:Hi,
Either you use some online tools, which may be easier to create or use a web interface on your server generated by scripts like webmin or create in shell. Most likely, you will have problems to make one in shell commands.
If you use webmin, you could create very easily as many SSL certificates online from your server and even use many other commands it makes available for a server management.
Alternatively, you could use the default domain certificate that vesta generates online for that particular domain.
Go in the web panel of Vesta. Click on the domain menu. In there, you will see a checkbox for SSL. Check it. It will offer to enter some details. Provide them. Then it will create a certificate.
Once you have a certificate and key, you could make one pem data from it.
You could also check in /etc/exim/domain/. Inside that directory (link) there are pem certificates readily available.
So you need to find out first which format you want the data, *.crt or *.pem and find or generate it.
Need more info or help, or understood? If you did not understand, then I could explain step by step.
How can I do that?
Sorry for the inconvenience.
Re: Hostname with expired SSL certificate
Hello,XoXiLhJ0mn wrote:Hi,
No problem. Tell me, for which service do you want to use the certificate, Exim, Apache, Nginx, MariaDB, etc. Then I will give you a custom solution.
Thank you for your help. I generated the certificate but, when I try to connect to my mail server with Exim4, the certificate is expired. How can I install the certificate?
Kind regards.
Re: Hostname with expired SSL certificate
Hello,
I have tried to do this, but the certificate remains invalid. I have changed the route you've told me, creating a new one, but the system download the SSL certificate hostname and tells me it's expired. What I can do?
Thank you very much!
I have tried to do this, but the certificate remains invalid. I have changed the route you've told me, creating a new one, but the system download the SSL certificate hostname and tells me it's expired. What I can do?
Thank you very much!
Re: Hostname with expired SSL certificate
Hello,XoXiLhJ0mn wrote:Hi,
What problem do you have, wrong DKIM or wrong certificate? My solution above relates to the dkim.pem. It appears that I got confused, while answering to your message hurriedly unconcentrated, as I had just answered the message of anathor poster on dkim. Excuse me.
Check the location/path of parameter tls_certificate and tls_privatekey in the exim.conf. If the certificate got expired, then you need to exchange the certificate.crt and certificate.key for that crt in the directory in there. You could also change the path of these files to any other path, when exim could find an existing valid certificate.
You also need to have in the exim.conf:
I now believe that the default certificate in above dir got expired.Code: Select all
add_environment = <; PATH=/bin:/usr/bin keep_environment = openssl_options = +no_sslv2 +no_sslv3 tls_advertise_hosts = * tls_certificate = /usr/local/vesta/ssl/certificate.crt # or any other valid certificate in any directory tls_privatekey = /usr/local/vesta/ssl/certificate.key # or any other valid key in any directory for this valid certificate
But if the error is based on dkim, we need to deepen into it differently.
I checked the settings and changed exim certificates and error basis remains the same. It seems that the server is extracting certificates from an unknown location, although not find the route with them. What I can do?
Thank you very much!
Re: Hostname with expired SSL certificate
Hello,
Yes, I have renewed the certificates specified in Exim, but the one who sent me when I want to configure the email account is indicated as the hostname and, therefore expired.
I have generated new certificates and I put on the routes indicated in exim.conf, getting the same problem. I checked the certificates using SSH and email client, Thunderbird.
Of course, I'll send the domain name via private message, along with the credentials, so you can access.
Thank you very much!
Yes, I have renewed the certificates specified in Exim, but the one who sent me when I want to configure the email account is indicated as the hostname and, therefore expired.
I have generated new certificates and I put on the routes indicated in exim.conf, getting the same problem. I checked the certificates using SSH and email client, Thunderbird.
Of course, I'll send the domain name via private message, along with the credentials, so you can access.
Thank you very much!