Mail SSL problem on site SMTP

Dreamer · September 5, 2022, 5:01am

SMTP mail with fluent SMTP plugin fails with error: SMTP Error: Could not connect to SMTP host. Connection failed. stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
On mail log can see error: Sep 5 11:46:27 server postfix/submission/smtpd[790203]: warning: TLS library problem: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:…/ssl/record/rec_layer_s3.c:1543:SSL alert number 45:

I have renewed mail SSL successfully but still SMTP fail validate certificate. Any Ideas how to fix?

yahyaTube · September 5, 2022, 2:38pm

turn off Firewall & ModSecurity and try to renew the mail SSL

Open the mail page with https like: (https://mail.yourdomain.com) and check if it open with https or not

Also make sure that port 25 is open by your host company.

Dreamer · September 6, 2022, 5:17am

I have valid SSL from lets encrypt and necessary ports are open. SMTP works if use main mail server domain but if use mail.site2.com mail.site3.com SSL fails even i’m 100% sure LE certificate is valid on each mail domain.

Everything was working fine till last time LE certificates did autorenewal…

yahyaTube · September 6, 2022, 8:39pm

I seem to have the same problem now

I will look for a solution

tobsowo · September 7, 2022, 11:13pm

Just an addition, when testing use incognito.

Dreamer · September 22, 2022, 4:11am

Did you find solution? My main mail server domain have this same issue now too, non of SMTP work anymore…

yahyaTube · September 23, 2022, 2:50pm

Unfortunately no

for me, I will do a full reinstall, and I don’t think I should make more than one “Mail Domain” on the server. (Perhaps this is the cause of the glitch)

Dreamer · September 24, 2022, 7:33am

There is definitely some bug on SSL wont be updated somewhere when renew SSL.

They had before free email debugger, what now just redirect to panel home…
So I found it’s now paid add-on I bought that and it actually fix issue. Just wondering is bug left there on purpose so people have to buy add-on.
I made community post and bug report, but no any answers from developers feels like they ignoring this issue…

yahyaTube · September 24, 2022, 8:32am

I don’t think this is intentional, it may just be a mistake, or they are maybe testing on Centos instead of Ubuntu…

Actually they deserve some profit but if what you are saying is true then this is a bad way to make profit.

Anyway I will try reinstalling everything (I have more than one site and it will take some time to move them) and try creating an ssl, If it works then it’s just a bug during the panel upgrade or something.

I am also sure that you should not put more than one mail server on one IP (when mail is sent from your IP using more than one domain, it will be converted to spam after a while).

Dreamer · August 23, 2023, 8:06am

This same problem still persist… I have to run email debugger every 3month to fix certificate.

kaike · August 23, 2023, 6:06pm

I am also experiencing this issue.