I can’t get my e-mail to work with LetsEncrypt.
Posted: Mon Jun 24, 2019 10:06 pm
My OS is Ubuntu 18.04
When I installed VestaCP, I installed Exim4 and Dovecot for e-mail.
(Below I am using fictitious names to illustrate my points.)
Based on a tutorial I found (https://www.mysterydata.com/how-to-conf ... nd-ubuntu/), I:
installed using srv1.main_domain.com as the host.
edited this host to remove all aliases and checked the SSL and LetsEncrypt boxes.
Added the file vestassl to /etc/cron.daily/ The code in the file:
I made the file executable and ran it.
I then restarted vesta, exim4 and dovecot.
In Vesta, in Web I added the domain second_domain.com withOUT DNS support (I’m using Cloudflare) but with mail and SSL/LetsEncrypt support. When I check, there is certificate information in the appropriate fields in the Web edit section.
I added an e-mail account.
I use Thunderbird e-mail client. I set up this e-mail account using POP3, port 995 and SMTP, port 587.
I can send and receive e-mail, but I have to add security exceptions to do so.
When I click “Get Messages” or try to send an email, I get a window that tells me the site is trying to identify itself with invalid information and the certificate belongs to a different site.
This window has the option to view the certificate. When I look at it, the Common Name (CN) is srv1.main_domain.com, not mail.second_domain.com.
What do I need to do to get a certificate working in conjunction with mail.second_domain.com?
When I installed VestaCP, I installed Exim4 and Dovecot for e-mail.
(Below I am using fictitious names to illustrate my points.)
Based on a tutorial I found (https://www.mysterydata.com/how-to-conf ... nd-ubuntu/), I:
installed using srv1.main_domain.com as the host.
edited this host to remove all aliases and checked the SSL and LetsEncrypt boxes.
Added the file vestassl to /etc/cron.daily/ The code in the file:
Code: Select all
#!/bin/bash
cert_src="/home/admin/conf/web/ssl.srv1.main_domain.com.pem"
key_src="/home/admin/conf/web/ssl.srv1.main_domain.com.key"
cert_dst="/usr/local/vesta/ssl/certificate.crt"
key_dst="/usr/local/vesta/ssl/certificate.key"
if ! cmp -s $cert_dst $cert_src
then
# Copy Certificate
cp $cert_src $cert_dst
# Copy Keyfile
cp $key_src $key_dst
# Change Permission
chown root:mail $cert_dst
chown root:mail $key_dst
# Restart Services
service vesta restart &> /dev/null
service exim4 restart &> /dev/null
service dovecot restart &> /dev/null
fi
I then restarted vesta, exim4 and dovecot.
In Vesta, in Web I added the domain second_domain.com withOUT DNS support (I’m using Cloudflare) but with mail and SSL/LetsEncrypt support. When I check, there is certificate information in the appropriate fields in the Web edit section.
I added an e-mail account.
I use Thunderbird e-mail client. I set up this e-mail account using POP3, port 995 and SMTP, port 587.
I can send and receive e-mail, but I have to add security exceptions to do so.
When I click “Get Messages” or try to send an email, I get a window that tells me the site is trying to identify itself with invalid information and the certificate belongs to a different site.
This window has the option to view the certificate. When I look at it, the Common Name (CN) is srv1.main_domain.com, not mail.second_domain.com.
What do I need to do to get a certificate working in conjunction with mail.second_domain.com?