I have an issue with hestiacp and exim when receiving mail.
2020-03-21 12:42:45 TLS error on connection from mail-pf1-f173.google.com[188.8.131.52] (cert/key setup: cert=/usr/local/hestia/ssl/certificate.crt key=/usr/local/hestia/ssl/certificate.key): Error while reading file.
Some mail servers only use TLS, so I cannot receive mail from them.
Found something from vestacp that this should be solved with:
chmod 664 /etc/exim4/domains/$mydomain/aliases
but did not help.
So I know I could fix this with
copying over or symlink Key and Cert from
but that would fix this only for one domain, wouldn’t it?
I have Hestiacp 1.1
Debian Stretch Up2date
I think this problem was already present before upgrading to 1.1
Thanks for your request! I think the easiest way is to run v-add-letsencrypt-host. This will generate a Let’s Encrypt SSL certificate for your host domain and will also add it to the most common services like exim, dovecot, hestiabackend and vsftp.
Thank you very much for your reply.
v-add-letsencrypt-host did it.
Would you be so kind as to explain the magic that is happening here? I would like to understand:
is symlinked to
and when I check the certificate at /home/atom/conf/web/mydomain.at/ssl/mydomain.crt
It’s issued for my server FQDN and not mydomain.at
But when I do a Mail deliver test with this: https://www.checktls.com/TestReceiver
The cert I see there is the correct one for mydomain.at that I created with hestiacp, by enabling TLS with the Let’s Encrypt option?
So everything is working like expected, but why?