1 Topic by andrei_p

  • andrei_p
  • Member
  • Offline
  • Registered: 2022-04-09
  • Posts: 13

Topic: email client showing cert issue

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.6.3 PGSQL edition
- Deployed with iRedMail Easy or the downloadable installer? Easy
- Linux/BSD distribution name and version:  Debian 11.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  PGSQL
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? yes
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hi Iredmail support,

we have confured our cert by the following ways:

smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail.crt


But now we have the issue with the cert while sending outgoing message:

You are about to override how Thunderbird identifies this site and Thunderbirds offers to make an exception, but how to fix and remove this warning window ?

Please see the screenshot.

With Regards,
Andrei.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by Cthulhu

  • Cthulhu
  • Member
  • Offline
  • Registered: 2019-06-04
  • Posts: 907

Re: email client showing cert issue

use a valid and not a selfsigned cert

3 Reply by andrei_p (edited by andrei_p 2023-07-24 18:22:45)

  • andrei_p
  • Member
  • Offline
  • Registered: 2022-04-09
  • Posts: 13

Re: email client showing cert issue

We use valid and wildcard cert obtained from https://www.rapidssl.com/ and it works on our current  production mail server.

4 Reply by Cthulhu

  • Cthulhu
  • Member
  • Offline
  • Registered: 2019-06-04
  • Posts: 907

Re: email client showing cert issue

so, does the mailserver match the cert? ptr and serverbanner?

5 Reply by andrei_p (edited by andrei_p 2023-07-24 18:54:47)

  • andrei_p
  • Member
  • Offline
  • Registered: 2022-04-09
  • Posts: 13

Re: email client showing cert issue

in /etc/postfix/main.cf we have:

# hostname
myhostname = etain.fbi.ie
myorigin = etain.fbi.ie
mydomain = etain.fbi.ie
mail_name = etain.fbi.ie
smtpd_banner = $myhostname ESMTP $mail_name

and we have ptr record added.

6 Reply by andrei_p

  • andrei_p
  • Member
  • Offline
  • Registered: 2022-04-09
  • Posts: 13

Re: email client showing cert issue

the second message that is showing in thunderbird is Sending of the message failed.
Unable to communicate securely with peer: requested domain name does not match the server’s certificate. The configuration related to mail.futuremsp.ie must be corrected.

7 Reply by dave.opc

  • dave.opc
  • Member
  • Offline
  • Registered: 2019-07-08
  • Posts: 103

Re: email client showing cert issue

so is your smtp (outgoing) server configured as etain.fbi.ie?

8 Reply by andrei_p

  • andrei_p
  • Member
  • Offline
  • Registered: 2022-04-09
  • Posts: 13

Re: email client showing cert issue

no, its configured as mail.futuremsp.ie, and we plan to use different domains on the mailserver wih mx record like mail.domainname.ie

9 Reply by dave.opc (edited by dave.opc 2023-07-25 01:43:18)

  • dave.opc
  • Member
  • Offline
  • Registered: 2019-07-08
  • Posts: 103

Re: email client showing cert issue

then of course thunderbird will have issues with certificate (issued to etain.fbi.ie) while you trying to connect to this server with domain mail.futuremsp.ie
you should rather use second server with mail.domainname.ie name and cert on it
or
use the same settings etain.fbi.ie for imap and smtp
or
get new certs mail.futuremsp.ie on this server and use this cert for imap/smtp