Hi, I installed ISPCONFIG 3 following this setup https://www.howtoforge.com/perfect-...l-php-pureftpd-postfix-dovecot-and-ispconfig3 and everything worked great. I then installed a free SSL, following the below instructions and now my emails are not longer working. i cant access roundcube, it says: cannot connect to storage server and in microsoft outlook i can send email but cant receive email. below are the mail logs. Visit http://www.startssl.com/ and create an account. After you have validated your domain (on the Validations Wizard tab), you can request your certificate on the Certificates Wizard tab - select Web Server SSL/TLS Certificate from the Certificate Target drop-down field then skip step 2 because our server has csr already generated cat /usr/local/ispconfig/interface/ssl/ispserver.csr copy and paste this key in startssl website and finish the wizard. After a while the ssl is ready, in startssl.com push toolbox and then select retrieve certificate. Copy the certificate and paste it in ssh, type: mv /usr/local/ispconfig/interface/ssl/ispserver.crt /usr/local/ispconfig/interface/ssl/ispserver.crt_bak nano /usr/local/ispconfig/interface/ssl/ispserver.crt paste the certificate cd /usr/local/ispconfig/interface/ssl wget https://www.startssl.com/certs/ca.pem wget https://www.startssl.com/certs/sub.class1.server.ca.pem mv ca.pem startssl.ca.crt mv sub.class1.server.ca.pem startssl.sub.class1.server.ca.crt cat startssl.sub.class1.server.ca.crt startssl.ca.crt > startssl.chain.class1.server.crt cat ispserver.{key,crt} startssl.chain.class1.server.crt > ispserver.pem chmod 600 ispserver.pem nano /etc/httpd/conf/sites-available/ispconfig.vhost by #ssl configuration add this line SSLCertificateChainFile /usr/local/ispconfig/interface/ssl/startssl.sub.class1.server.ca.crt systemctl restart httpd cd /etc/postfix mv smtpd.cert smtpd.cert_bak mv smtpd.key smtpd.key_bak ln -s /usr/local/ispconfig/interface/ssl/ispserver.crt smtpd.cert ln -s /usr/local/ispconfig/interface/ssl/ispserver.key smtpd.key postconf -e 'smtpd_tls_CAfile = /usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt' systemctl restart postfix nano /etc/dovecot/dovecot.conf ADD THIS AFTER SSL_KEY ssl_ca = </usr/local/ispconfig/interface/ssl/startssl.chain.class1.server.crt save and close systemctl restart dovecot cd /etc/ssl/private/ mv pure-ftpd.pem pure-ftpd.pem_bak ln -s /usr/local/ispconfig/interface/ssl/ispserver.pem pure-ftpd.pem systemctl restart pure-ftpd MAIL LOGS: tail -n40 /var/log/maillog Apr 13 13:10:34 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 13:11:21 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223] Apr 13 13:11:21 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223] Apr 13 13:12:11 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223] Apr 13 13:12:15 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 13:12:42 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223] Apr 13 13:12:42 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223] Apr 13 13:12:59 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223] Apr 13 13:13:03 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 13:13:14 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223] Apr 13 13:13:14 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223] Apr 13 13:14:01 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223] Apr 13 13:14:05 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 13:14:52 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223] Apr 13 13:14:52 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223] Apr 13 13:15:01 mydealsexpress postfix/smtpd[17416]: connect from localhost[::1] Apr 13 13:15:01 mydealsexpress postfix/smtpd[17416]: lost connection after CONNECT from localhost[::1] Apr 13 13:15:01 mydealsexpress postfix/smtpd[17416]: disconnect from localhost[::1] Apr 13 13:15:01 mydealsexpress dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Apr 13 13:15:01 mydealsexpress dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Apr 13 13:15:01 mydealsexpress dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line Apr 13 13:15:01 mydealsexpress dovecot: pop3-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Apr 13 13:15:01 mydealsexpress dovecot: pop3-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line Apr 13 13:15:01 mydealsexpress dovecot: master: Error: service(pop3-login): command startup failed, throttling for 60 secs Apr 13 13:15:40 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223] Apr 13 13:15:44 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 13:16:01 mydealsexpress dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Apr 13 13:16:01 mydealsexpress dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line Apr 13 13:16:01 mydealsexpress dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Apr 13 13:16:16 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223] Apr 13 13:16:16 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223] Apr 13 13:17:01 mydealsexpress dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Apr 13 13:17:01 mydealsexpress dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066EM routinesEM_read_bio:bad end line Apr 13 13:17:01 mydealsexpress dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Apr 13 13:17:05 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223] Apr 13 13:17:09 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Apr 13 13:18:03 mydealsexpress postfix/smtpd[17416]: lost connection after AUTH from unknown[185.103.253.223] Apr 13 13:18:03 mydealsexpress postfix/smtpd[17416]: disconnect from unknown[185.103.253.223] Apr 13 13:18:53 mydealsexpress postfix/smtpd[17416]: connect from unknown[185.103.253.223] Apr 13 13:18:56 mydealsexpress postfix/smtpd[17416]: warning: unknown[185.103.253.223]: SASL LOGIN authentication failed: UGFzc3dvcmQ6
You should check your config. dovecot: Code: ssl_cert = </etc/postfix/smtpd.cert ssl_key = </etc/postfix/smtpd.key ssl_protocols = !SSLv2 !SSLv3 ssl_ca = </etc/ssl/startssl/ca-bundle.crt ssl_client_ca_file = /etc/ssl/ca-bundle.crt ssl=yes
This might be off topic, but will this be implemented automatically with let's encrypt for site and email when the 3.1 is released?