Mailserver self-signed certificate

Hi,

I have tried to follow the official guide, but still can’t solve the problem of mailserver not being able to ssl.

The system still shows “self-signed certificate”.

Any suggestions are greatly appreciated.

refer: How to fix SSL issues in CyberPanel - CyberPanel

Please run cyberpanel upgrade command first.

Make sure you have DNS A record for mail subdomain and points to your server ip. If DNS is controlled by cloudflare, make sure to disable cloud orange proxy.

Then try again issuing the ssl and let us know if it succeeds.

I have done what you said, but it still doesnt work.

I found that I can use cyberpanel mailserver to send mail through gmail, but when I want to receive mail, gmail displays “SSL error: Leaf certificate is self-signed”.

Please share debug log. Let me check.

Thank you for your help.
This my server debug log:

[12.09.2021_18-00-02] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.09.2021_18-00-02] Checking SSL for mail.sub-health.org.
[12.09.2021_18-00-02] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.09.2021_18-00-02] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.10.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.10.2021_18-00-02] Running SSL Renew Utility
[12.10.2021_18-00-02] Checking SSL for sub-health.org.
[12.10.2021_18-00-02] SSL exists for sub-health.org. Checking if SSL will expire in 15 days..
[12.10.2021_18-00-02] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.10.2021_18-00-02] Checking SSL for mail.sub-health.org.
[12.10.2021_18-00-02] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.10.2021_18-00-02] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.11.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.11.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.11.2021_18-00-01] Running SSL Renew Utility
[12.11.2021_18-00-01] Checking SSL for sub-health.org.
[12.11.2021_18-00-01] SSL exists for sub-health.org. Checking if SSL will expire in 15 days..
[12.11.2021_18-00-01] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.11.2021_18-00-01] Checking SSL for mail.sub-health.org.
[12.11.2021_18-00-01] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.11.2021_18-00-01] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.12.2021_16-00-03] [Errno 2] No such file or directory: '/home/cyberpanel/git'. [IncScheduler.git:90]
[12.12.2021_18-00-02] Running SSL Renew Utility
[12.12.2021_18-00-02] Checking SSL for sub-health.org.
[12.12.2021_18-00-02] SSL exists for sub-health.org. Checking if SSL will expire in 15 days..
[12.12.2021_18-00-02] SSL exists for sub-health.org and is not ready to renew, skipping..
[12.12.2021_18-00-02] Checking SSL for mail.sub-health.org.
[12.12.2021_18-00-02] SSL exists for mail.sub-health.org. Checking if SSL will expire in 15 days..
[12.12.2021_18-00-02] SSL exists for mail.sub-health.org and is not ready to renew, skipping..
[12.13.2021_10-12-45] Trying to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_10-12-45] /root/.acme.sh/acme.sh --issue -d mail.sub-health.org -d www.mail.sub-health.org --cert-file /etc/letsencrypt/live/mail.sub-health.org/cert.pem --key-file /etc/letsencrypt/live/mail.sub-health.org/privkey.pem --fullchain-file /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem -w /home/mail.sub-health.org/public_html -k ec-256 --force --server letsencrypt
[12.13.2021_10-12-55] Failed to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_10-12-55] Trying to obtain SSL for: mail.sub-health.org
[12.13.2021_10-13-03] Failed to obtain SSL, issuing self-signed SSL for: mail.sub-health.org
[12.13.2021_10-13-04] Websites matching query does not exist. [installSSLForDomain:72]
[12.13.2021_10-13-04] Self signed SSL issued for mail.sub-health.org.
[12.13.2021_13-43-26] BQFUcHEL3o0w/9ZOcfivj/Q+KWCUYa+Zsudo /usr/local/CyberCP/bin/python /usr/local/CyberCP/plogical/virtualHostUtilities.py issueSSLForMailServer --virtualHostName mail.sub-health.org --path /home/mail.sub-health.org/public_html
[12.13.2021_13-43-29] Trying to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_13-43-29] /root/.acme.sh/acme.sh --issue -d mail.sub-health.org -d www.mail.sub-health.org --cert-file /etc/letsencrypt/live/mail.sub-health.org/cert.pem --key-file /etc/letsencrypt/live/mail.sub-health.org/privkey.pem --fullchain-file /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem -w /home/mail.sub-health.org/public_html -k ec-256 --force --server letsencrypt
[12.13.2021_13-43-38] Failed to obtain SSL for: mail.sub-health.org and: www.mail.sub-health.org
[12.13.2021_13-43-38] Trying to obtain SSL for: mail.sub-health.org
[12.13.2021_13-43-47] Failed to obtain SSL, issuing self-signed SSL for: mail.sub-health.org
[12.13.2021_13-43-47] Websites matching query does not exist. [installSSLForDomain:72]
[12.13.2021_13-43-47] Self signed SSL issued for mail.sub-health.org.
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/privkey.pem /etc/postfix/key.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem /etc/postfix/cert.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/privkey.pem /etc/pki/dovecot/private/dovecot.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem /etc/pki/dovecot/certs/dovecot.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/privkey.pem /etc/dovecot/key.pem
[12.13.2021_13-43-47] ln -s /etc/letsencrypt/live/mail.sub-health.org/fullchain.pem /etc/dovecot/cert.pem

If possible, private message me a temporary login to server. I will check and provide you with solution.

Could you tell me how can I private message to you? I cant find any mesaage icon, link in your profile

Will check the permissions level and revert.

I also had the same issue for the last many days I can’t find the solution totally fed up kindly help me outlook and thunderbird cant sending emails due to SSL self sign error or sent mail box not saving emails

1 Like

@uzairjhandeer can you please check mail.domain.com ssl and tell me?

Email Logs

Jan 11 06:57:41 vmi607671 dovecot[3082946]: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=203.99.178.79, lip=213.136.89.160, TLS handshaking: SSL_accept() failed: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42, session=<352YIUjV38jLY7JP>

Make sure that your mail domain have SSL and then run this command

postmap -F hash:/etc/postfix/vmail_ssl.map
systemctl restart postfix```

Bro run command but still having same issue

SSL issue solve
but there is another error that occurred when we setup email to outlook and thunderbird always getting password error settings are ok but password work on website mail

https://community.cyberpanel.net/uploads/default/original/2X/5/5b8628096654a4b2f5ace4bebbb42b2947b3e617.png
same issue

We have the same issue, help!

same isue, did you solve it ?