ssl / mail / hostname / certificate trouble
Re: ssl / mail / hostname / certificate trouble
Nope, it's just happen ;-)user_chris wrote:small mistake big impact
// I think that was also the problem of the first attempt of mine?!
-
- Posts: 139
- Joined: Thu Jan 07, 2016 12:01 am
Re: ssl / mail / hostname / certificate trouble
I know this is an older post but I have working instructions:
Make sure your SSL is working on the panel. I had to rename my domains crt to pem (this is in /usr/local/vesta/nginx/conf/nginx.conf):
Then restart vesta:
if it fails to start, read what ssh is telling you, on CentOS 7 you can use:
This will generally be a mismatch. Which happened to me a billion times til I figured out to rename my domain.tld.crt to ssl.domain.tld.pem and copy the key from /home/user/conf/web/ to /usr/local/vesta/ssl.domain.tld.key
Now with all that junk outta the way, time to work on the mail service.
In /etc/dovecot/conf.d/10-ssl.conf:
Restart dovecot: (note: this might take a moment, depending on the server, took me nearly 15-20 seconds)
Now onto exim:
In /etc/exim/exim.conf find the lines that start with:tls_certificate
Restart exim:
Now in your email client, you can run SSL\TLS. Pop 995 and SMTP 465.
SpoilerShow
I copied / pasted information over from nginx
Code: Select all
ssl_certificate /usr/local/vesta/ssl/ssl.domain.tld.pem;
ssl_certificate_key /usr/local/vesta/ssl/ssl.domain.tld.key;
Code: Select all
service vesta restart
Code: Select all
systemctl vesta.service -l
Now with all that junk outta the way, time to work on the mail service.
In /etc/dovecot/conf.d/10-ssl.conf:
Code: Select all
ssl = yes
ssl_cert = </usr/local/vesta/ssl/ssl.domain.tld.pem
ssl_key = </usr/local/vesta/ssl/ssl.domain.tld.key
Code: Select all
service dovecot restart
In /etc/exim/exim.conf find the lines that start with:tls_certificate
Code: Select all
tls_certificate = /usr/local/vesta/ssl/ssl.domain.tld.pem
tls_privatekey = /usr/local/vesta/ssl/ssl.domain.tld.key
Code: Select all
service exim restart
Re: ssl / mail / hostname / certificate trouble
Hi,
I have just one domain which uses lets cert SSL ... it has its own webfolder and all.
And the SSL is attached in this webfolder at all.
Now, when sending email it doesnt save them in folder "sent" anymore.
But the email is sent correctly. when I just change the setting in thunderbird to SSL/TLS.
Curious
I have just one domain which uses lets cert SSL ... it has its own webfolder and all.
And the SSL is attached in this webfolder at all.
Now, when sending email it doesnt save them in folder "sent" anymore.
But the email is sent correctly. when I just change the setting in thunderbird to SSL/TLS.
Curious
Re: ssl / mail / hostname / certificate trouble
I now saw, that I can use it normally on webmail , but I cannot set the mailbox up in thunderbird.
Then I took the SSL cert out again.
Now I still cannot set a mailbox up in thunderbird.
It doesnt accept any tried setting.
Then I took the SSL cert out again.
Now I still cannot set a mailbox up in thunderbird.
It doesnt accept any tried setting.
Re: ssl / mail / hostname / certificate trouble
is it working if you have several domains on the same vesta (1 certificate per domain ?) ?
thx
thx
Re: ssl / mail / hostname / certificate trouble
Any update on this? i cant access using different mail clients, then i get greetings errors, tls errors.
-
- Posts: 12
- Joined: Fri May 01, 2015 11:28 am
Re: ssl / mail / hostname / certificate trouble
Multiple certificates for the domains is not a problem.mephivio wrote:is it working if you have several domains on the same vesta (1 certificate per domain ?) ?
thx
Mails are sent via the hostname...
-
- Posts: 12
- Joined: Fri May 01, 2015 11:28 am
Re: ssl / mail / hostname / certificate trouble
With me everything works - last week the certificate renewedkrok wrote:Any update on this? i cant access using different mail clients, then i get greetings errors, tls errors.
-
- Posts: 7
- Joined: Fri Sep 23, 2016 3:29 pm
Re: ssl / mail / hostname / certificate trouble
how to modify the certificate to have mail rights
when updating my permissions to root:root, but I need to have privileges root:mailSSL_CTX_use_PrivateKey_file file=/home/admin/conf/web/ssl.******************.key): error:0200100D:system library:fopen:Permission denied
-
- Posts: 142
- Joined: Sun Aug 10, 2014 1:32 pm
Re: ssl / mail / hostname / certificate trouble
I have error: "SSL error: Leaf certificate is self-signed"
What i need to do?
What i need to do?