Community
Hi,
I have tried to follow the official guide, but still can’t solve the problem of mailserver not being able to ssl.
The system still shows “self-signed certificate”.
Any suggestions are greatly appreciated.
Please run cyberpanel upgrade command first.
Make sure you have DNS A record for mail subdomain and points to your server ip. If DNS is controlled by cloudflare, make sure to disable cloud orange proxy.
Then try again issuing the ssl and let us know if it succeeds.
I have done what you said, but it still doesnt work.
I found that I can use cyberpanel mailserver to send mail through gmail, but when I want to receive mail, gmail displays “SSL error: Leaf certificate is self-signed”.
Please share debug log. Let me check.
Thank you for your help.
This my server debug log:
[12.09.2021_18-00-02] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.09.2021_18-00-02] Checking SSL for mail.sub-health.org.
[12.09.2021_18-00-02] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.09.2021_18-00-02] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.10.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.10.2021_18-00-02] Running SSL Renew Utility
[12.10.2021_18-00-02] Checking SSL for sub-health.org.
[12.10.2021_18-00-02] SSL exists for sub-health.org. Checking if SSL will expire in 15 days..
[12.10.2021_18-00-02] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.10.2021_18-00-02] Checking SSL for mail.sub-health.org.
[12.10.2021_18-00-02] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.10.2021_18-00-02] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.11.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.11.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.11.2021_18-00-01] Running SSL Renew Utility
[12.11.2021_18-00-01] Checking SSL for sub-health.org.
[12.11.2021_18-00-01] SSL exists for sub-health.org. Checking if SSL will expire in 15 days..
[12.11.2021_18-00-01] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.11.2021_18-00-01] Checking SSL for mail.sub-health.org.
[12.11.2021_18-00-01] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.11.2021_18-00-01] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.12.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.12.2021_18-00-02] Running SSL Renew Utility
[12.12.2021_18-00-02] Checking SSL for sub-health.org.
[12.12.2021_18-00-02] SSL exists for sub-health.org. Checking if SSL will expire in 15 days..
[12.12.2021_18-00-02] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.12.2021_18-00-02] Checking SSL for mail.sub-health.org.
[12.12.2021_18-00-02] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.12.2021_18-00-02] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.13.2021_10-12-45] Trying to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_10-12-45] /root/.acme.sh/acme.sh --issue -d mail.sub-health.org -d www.mail.sub-health.org --cert-file /etc/letsencrypt/live/mail.sub-health.org/cert.pem --key-file /etc/letsencrypt/live/mail.sub-health.org/privkey.pem --fullchain-file /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem -w /home/mail.sub-health.org/public_html -k ec-256 --force --server letsencrypt
[12.13.2021_10-12-55] Failed to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_10-12-55] Trying to obtain SSL for: mail.sub-health.org
[12.13.2021_10-13-03] Failed to obtain SSL, issuing self-signed SSL for: mail.sub-health.org
[12.13.2021_10-13-04] Websites matching query does not exist. [installSSLForDomain:72]
[12.13.2021_10-13-04] Self signed SSL issued for mail.sub-health.org.
[12.13.2021_13-43-26] BQFUcHEL3o0w/9ZOcfivj/Q+KWCUYa+Zsudo /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/virtualHostUtilities.py issueSSLForMailServer --virtualHostName mail.sub-health.org --path /home/mail.sub-health.org/public_html
[12.13.2021_13-43-29] Trying to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_13-43-29] /root/.acme.sh/acme.sh --issue -d mail.sub-health.org -d www.mail.sub-health.org --cert-file /etc/letsencrypt/live/mail.sub-health.org/cert.pem --key-file /etc/letsencrypt/live/mail.sub-health.org/privkey.pem --fullchain-file /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem -w /home/mail.sub-health.org/public_html -k ec-256 --force --server letsencrypt
[12.13.2021_13-43-38] Failed to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_13-43-38] Trying to obtain SSL for: mail.sub-health.org
[12.13.2021_13-43-47] Failed to obtain SSL, issuing self-signed SSL for: mail.sub-health.org
[12.13.2021_13-43-47] Websites matching query does not exist. [installSSLForDomain:72]
[12.13.2021_13-43-47] Self signed SSL issued for mail.sub-health.org.
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/privkey.pem /etc/postfix/key.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem /etc/postfix/cert.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/privkey.pem /etc/pki/dovecot/private/dovecot.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem /etc/pki/dovecot/certs/dovecot.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/privkey.pem /etc/dovecot/key.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem /etc/dovecot/cert.pem
If possible, private message me a temporary login to server. I will check and provide you with solution.
Could you tell me how can I private message to you? I cant find any mesaage icon, link in your profile
Will check the permissions level and revert.
I also had the same issue for the last many days I can’t find the solution totally fed up kindly help me outlook and thunderbird cant sending emails due to SSL self sign error or sent mail box not saving emails
@uzairjhandeer can you please check mail.domain.com ssl and tell me?
Email Logs
Jan 11 06:57:41 vmi607671 dovecot[3082946]: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=203.99.178.79, lip=213.136.89.160, TLS handshaking: SSL_accept() failed: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42, session=<352YIUjV38jLY7JP>
Make sure that your mail domain have SSL and then run this command
postmap -F hash:/etc/postfix/vmail_ssl.map
systemctl restart postfix```Bro run command but still having same issue
We have the same issue, help!
same isue, did you solve it ?
Hello everyone,
I am having the same issue where mailserver SSL always end up being self signed despite correct DNS record. The tls check is the exact same as posted, with CERT being FAIL and all other being OK. Did anyone found a solution to this ? I would be happy to learn.
