SSL Certificate expired for email domain

maltacross · January 24, 2023, 9:46pm

I have checked the email server zafoid.com using this website: checktlsdotcom

It has found the following error:

Certificate #1 of 1 (sent by MX): EXPIRED*
Cert VALIDATION ERROR(S): self signed certificate; certificate has expired*
So email is encrypted but the recipient domain is not verified*
Cert Hostname DOES NOT VERIFY (mx.zafoiddotcom != paneldotzafoiddotcom)*
So email is encrypted but the host is not verified*
Not Valid Before: Dec 21 19:09:07 2021 GMT*
Not Valid After: Dec 21 19:09:07 2022 GMT*

Could you please advise further?

eris · January 24, 2023, 9:56pm

v-add-letsencrypt-hostname for the hostname

And enable / disable → Enable ssl for the mail domains

maltacross · January 26, 2023, 9:00pm

Hi eris,

I have enabled ssl for the mail domain using the “Use Lets Encrypt to obtain SSL certificate” feature.

According to the panel, an SSL certificate was issued accordingly, which expires on 26th April 2023.

However, when a test for zafoid[dot]com is run here: https://www[dot]checktls[dot]com/TestReceiver

I keep getting a certificate failure, with the following details:

=========================================================================

Certificate #1 of 1 (sent by MX): EXPIRED
Cert VALIDATION ERROR(S): self signed certificate; certificate has expired
So email is encrypted but the recipient domain is not verified
ssl : scheme=smtp cert=94220942422672
: identity=mx[dot]zafoid[dot]com cn=panel[dot]zafoid[dot]com alt=
Cert Hostname DOES NOT VERIFY (mx[dot]zafoid[dot]com != panel[dot]zafoid[dot]com)
So email is encrypted but the host is not verified
cert not revoked by OCSP
Data:
Version: n/a
Serial Number: 50:96:61:0a:83:10:b5:d7:5a:d7:61:16:d0:33:ae:f3:4f:2f:e1:f6
Validity:
Not Before: Dec 21 19:09:07 2021 GMT
Not After: Dec 21 19:09:07 2022 GMT

=========================================================================

Can this certificate error be fixed please?

eris · January 26, 2023, 9:18pm

Use mail.domain.com instead mx.domain.cm in your mx records

maltacross · January 26, 2023, 9:57pm

Hi eris,

as screenshot attached herewith shows, I’m already using mail[dot]domain[dot]com.

maurice · January 26, 2023, 10:26pm

Nope.

$ dig +short zafoid.com MX
0 mx.zafoid.com.

eris · January 26, 2023, 10:46pm

It should be mail.zafoid.com. instead of mx.zafoid.com.

linkp · January 27, 2023, 3:37am

That’s not your DNS. Your DNS is in Cloudflare.

system · February 26, 2023, 3:37am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.