Hi, I am getting a security warning "The server you are connected to is using a security certificate that cannot be verified." i have a ssl certificate for mydomain.com with ssl.com. https:// mydomain.com works great in the browser. Just when I check email with outloook it doesn't work. Outlook is seeing server1.mydomain.com. which is the self signed certificate. I thought this might be the problem so I bought a certificate for server1.mydomain.com and replaced the postfix cert and key with that certificate. Still pulls up the self signed certificate. I then replaced the ispconfig/interface/ssl cert and key and it still pulls up the self signed cert when checking email with outlook. Is there another location? What am I missing? Thanks, Greg
in /etc/dovecot/dovecot.conf Look for these below and point them to the correct certs: ssl_cert = </etc/postfix/smtpd.cert ssl_key = </etc/postfix/smtpd.key
the dovecot.conf points to the right certs. I suspect the problem may be when I replaced the /usr/local/ispconfig/interface/ssl certs. I created a new csr from my /etc/postfix/smtpd.key uploaded the csr to ssl.com. received the domain.crt and ca-bundle.crt I combined those 2 together into a new crt file. replaced the smtpd.cert with the new crt file. restarted postfix. Then replaced /usr/local/ispconfig/interface/ssl/ispconfig.crt data with the new smtpd.crt and copied the smtpd.key to ispconfig.key. I noticed there are alot more files in the /usr/local/ispconfig/interface/ssl folder. example: ispconfig.pem , startssl.ca.crt , startssl.chain.class1.server.crt , startssl.sub.class1.server.ca.crt I didn't know what to do with those. I only received 2 files from ssl.com. domain.crt and ca-bundle.crt What do you think? Greg
Ok. Got it fixed. I combined the domain.key, domain.crt, ca-bundle.crt into one file in that order. Renamed it to ispserver.pem restarted dovecot service and it works. Outlook security message is gone. Thanks for the help.