How to get SMTP working with self-signed LE cert?

Support and Discussion
,
1

My LE cert expired few weeks ago, and since then SMTP emails don’t work anymore. In Cloudflare I had to switch SSL to Full to bring back my website (it was Strict )
Now with self-signed cert I tried to change SMTP port and to use STARTTLS as shown on Emails > List, but didn’t work.
While sending emails SMTP return a timeout error - using ThunderBird and web-mail.
The line below return a ssl wrong version, I guess is it due to the self-signed cert?

How do I get back my SMTP mail? (I don’t want to use unsecure port 25 )

openssl s_client -starttls smtp -showcerts -connect mail.website.com:587 -servername mail.website.com

CONNECTED(00000003)
40674E1AF57F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:…/ssl/record/ssl3_record.c:354:

no peer certificate available

No client certificate CA names sent

SSL handshake has read 244 bytes and written 351 bytes
Verification: OK

New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

Many thanks

2

do one this disable cf and issue SSL on mail domain then let me know

3

Hi Shoaib

Thanks for your reply, done it. Still not working.

But there are few problems:

  • I need CFlare
  • When I initially issued LE cert (for all my domains), CFlare was enabled, and all cert was issued (about 80d long each)

ss_0204_100716-dns-only
ss_0204_100716-dns-only1461×559 59.3 KB

ss_0204_101159
ss_0204_1011591159×574 24.7 KB

ss_0204_101244
ss_0204_1012441482×429 38.9 KB