Hello, Since from 18th of December 2017, one day after, let's encrypt certificate renew. Ios mail client over iphone 6, 6plus, 7, 7plus and 5se says the following ... Let me show you 3 images. The domain is laviruta.com and the server domain is sofihacloud.com.ar At first I used another email client, spark for ios, and works fine, but some of my clients want use the ios mail client because is more familiar for them. Thanks I'll appreciate your cooperation Nestor Mazza
How did you install the LE cert? Did you use this tutorial? https://www.howtoforge.com/communit...l-port-8080-with-lets-encrypt-free-ssl.75554/
Yes, But I have some several troubles with the links on certificates folders, I had applied this configuration to all my 6 ISPConfig Servers Remember, my distro is CentOS 6.9 in this Server and onothers Servers is CentOS 7.4 I had wrote you about this in some post before. ======================================== Let me remember that.. ======================================== I have solved, doing the following [Using The Same Let's Encrypt SSL Certs For Other Major Services] /etc/postfix/main.cf ###smtpd_tls_cert_file = /etc/postfix/smtpd.cert ###smtpd_tls_key_file = /etc/postfix/smtpd.key smtpd_tls_cert_file = /etc/letsencrypt/live/sofiha-isp.com.ar/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/sofiha-isp.com.ar/privkey.pem /etc/dovecot/dovecot.conf ###ssl_cert = </etc/postfix/smtpd.cert ###ssl_key = </etc/postfix/smtpd.key # SSL/TLS support: yes, no, required. <doc/wiki/SSL.txt> ###ssl = required ssl_cert = </etc/letsencrypt/live/sofiha-isp.com.ar/fullchain.pem ssl_key = </etc/letsencrypt/live/sofiha-isp.com.ar/privkey.pem ssl_protocols = !SSLv2 !SSLv3 /etc/amavisd/amavisd.conf ###$inet_socket_port = 10024; # listen on this local TCP port(s) $inet_socket_port = [10024,10026]; # listen on multiple TCP ports service amavisd restart service postfix restart service dovecot restart [Changing ISPConfig 3 Control Panel (Port 8080)] /etc/httpd/conf/sites-enabled/000-ispconfig.vhost ###SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt ###SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key SSLCertificateFile /etc/letsencrypt/live/sofiha-isp.com.ar/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/sofiha-isp.com.ar/privkey.pem service httpd restart but I don't know if I'm in the write way ? ======================================== Thanks I'll appreciate your cooperation Nestor Mazza
Your changes are generally ok, but not update safe, you will lose the config when you install an ISPConfig update.
And, at your consideration what must be do to solve this situation? because I don't have any configurarion to modify.
I don't use any Apple deivices, so I can't tell you what's the exact problem. But there are many reports out there that apple mail has problems with LE certs. Waht you can try is to check which LE chain certs are in the fullchain cert and maybe add some affitional ones: https://letsencrypt.org/certificates/ Chain certs in postfix and dovecot can also be added in a separate file and loaded in postfix with: smtpd_tls_CAfile = /path/to/yourchain.crt and in dovecot: ssl_ca_file = /path/to/yourchain.crt Don't forget to restart the services.