Error enabling SSL for webmail

Hello, I configured Hestia on my server (let’s say mail.domain.com is the main domain). After that, I added a regular user and added the mail root domain (domain.com) using that user.

Now I’m trying to enable SSL (Let’s Encrypt) for webmail but it doesn’t work because Hestia already assigned a certificate to mail.domain.com. There’s a message saying that it will create one for both the webmail and mail subdomains:


webmail.domain.com To enable Let’s Encrypt SSL, ensure that DNS records exist for mail.domain.com and webmail.domain.com!

This is the error message:


Error: Let’s Encrypt validation status 400 (mail.domain.com). Details: 403:"The key authorization file from the server did not match this challenge

How can I fix that?

Thanks!

What does the DNS record look like? Looks like this? Record mail A and webmail A.

mail is an A record, webmail is a CNAME record pointing to mail.

I think the problem here is that mail.domain.com is the domain where Hestia is hosted under the admin account (this is the server hostname), so it already created an SSL certificate for it:

  • v-list-web-domains admin show mail.domain.com
  • v-list-web-domains user show domain.com

Is there a way to change the admin/hestia domain to something else?

I just deleted mail.domain.com under the admin account that Hestia created on installation and now SSL configuration worked fine for the webmail subdomain. I don’t know what impact this will cause but everything seems to be working. Thanks!
