Setup: Code: https://www.howtoforge.com/perfect-server-debian-12-buster-apache-bind-dovecot-ispconfig-3-2/ Code: https://www.howtoforge.com/securing-your-ispconfig-3-managed-mailserver-with-a-valid-lets-encrypt-certificate/ Problem: Code: dovecot: imap-login: Disconnected: Connection closed: SSL_accept() failed: error:0A000412:SSL routines::sslv3 alert bad certificate: SSL alert number 42 (no auth attempts in 0 secs): user=<> .acme Cert Update broke it? I have tried and tried nothing I try fixes the cert offered by the server. I even tried 2 purge dovecot and then I tried to change server name just in case there is somekind of conflict. Nothing works. Thunderbird keeps complaining about the cert. Should I just use ISPconfig setup script and start from scratch? Current config: server original name: mail.mattila.eu server name now: s1.mattila.eu postfix setup: mail.mattila.eu, mattila.eu, s1.mattila.eu, imap.mattila.eu, smtp.mattila.eu Thunderbird finds email account on imap.mattila.eu but not it's SSL cert. Currently Dovecot offers s1.mattila.eu as SSL cert not imap.mattila.eu
/etc/dovecot/dovecot.conf points to postfix symlinks that point to ispconfig certs. dh.pem is dovecot original. Code: ssl_cert = </etc/postfix/smtpd.cert #ref# /etc/postfix/smtpd.cert -> /usr/local/ispconfig/interface/ssl/ispserver.crt ssl_key = </etc/postfix/smtpd.key #ref# /etc/postfix/smtpd.cert -> /usr/local/ispconfig/interface/ssl/ispserver.key ssl_dh = </etc/dovecot/dh.pem
Easy solution would be to change server name to imap.mattila.eu. It's website alias for mail.mattila.eu.
If you followed this guide: https://www.howtoforge.com/securing...server-with-a-valid-lets-encrypt-certificate/ Then the certificate /usr/local/ispconfig/interface/ssl/ispserver.crt (which is used by postfix and dovecot) is replaced by symlinking with the certificate of the website you created for the SSL certs. So it contains all the subdomains that you added to that website.
