Email SSL


Just wanted to see a couple of things regarding email SSL, had an issue with outlook and expired cert, went to list email within cyberpanel GUI and pressed the fix button that popped up and said there was an issue and everything started working.
Where are the encryption certs located for the mail server, on the sub domain or the mail domain or elsehere as they where both still valid, mail.domain renewed same day as expired one outlook picked up as expired.

also if you go to issue ssl for mail server are you ment to issue for or if it doesnt renew.

this is only really for referance in the future ill see if it all plays up in 90 days when the certs expire again.

Thank you again for your advise

mail server ssl for any domain mapped to the mail domain of that domain like if you have domain its mail server SSL will me


yes but are the ssl certs located for the mail server under that sub domain or because they are for a mail server they are stored elsewhere.

eg ssl certs are stored /etc/letsencrypt/live/

are the ssl for the mail server stored /etc/letsencrypt/live/

or are they stored in another location

Hello @DanielCollins Happy you are here

Yes they are stored in that location

To issue ssl for mailserver choose your mailserver domain. In popular circumstances the mailserver domain is

Say you have certs are here /etc/letsencrypt/live/ certs are here /etc/letsencrypt/live/ certs are here /etc/letsencrypt/live/


Thank you that clears a few things up. I’ll wait 90 days and see if they renew this time

I had problem that my ssl expired, cyberpanel issued new certificate for website, but for some reason my didn’t. I tried this command: postmap -F hash:/etc/postfix/ and that fixed my problem for now, but I think that problem re appears after sertificate expires again.


Had the same issue again when the cert expired and it was only fixed with the command. command: postmap -F hash:/etc/postfix/ and that fixed my problem. Why do I have to do this every 3 months the cert auto renews no issues. Any ideas would be great.

Seems to be a bug somewhere

The TLS encryption protocol’s SNI that allows a client to perform a TLS handshake needs its table rebuilt every time SSL certificate is renewed. This is a good solution by Postmap as it solves the so common issue on ThunderBird and Outlook “common name mismatch error

Is there a way I can get it to do the command automacatlly when every the cert is renewed. Or what do I do with the bug, I had a website where a forgot my password link was failing because of the miss match cert date wasn’t updating.

Which server os is this? Are you runnn the latest update ?

It’s running on ubuntu LTS v20, and cuberpanel is running latest update just released.

I get i can probably schedule a cron job to run every day or something but maybe there is a proper fix. Do you know if anyone is having this issue.

Honestly I have only seen this with some other panel. Not this one