SSL Certificate expired for email domain

I have checked the email server zafoid.com using this website: checktlsdotcom

It has found the following error:

  • Certificate #1 of 1 (sent by MX): EXPIRED*
  • Cert VALIDATION ERROR(S): self signed certificate; certificate has expired*
  • So email is encrypted but the recipient domain is not verified*
  • Cert Hostname DOES NOT VERIFY (mx.zafoiddotcom != paneldotzafoiddotcom)*
  • So email is encrypted but the host is not verified*
  • Not Valid Before: Dec 21 19:09:07 2021 GMT*
  • Not Valid After: Dec 21 19:09:07 2022 GMT*

Could you please advise further?

v-add-letsencrypt-hostname for the hostname

And enable / disable → Enable ssl for the mail domains

Hi eris,

I have enabled ssl for the mail domain using the “Use Lets Encrypt to obtain SSL certificate” feature.

According to the panel, an SSL certificate was issued accordingly, which expires on 26th April 2023.

However, when a test for zafoid[dot]com is run here: https://www[dot]checktls[dot]com/TestReceiver

I keep getting a certificate failure, with the following details:

=========================================================================

Certificate #1 of 1 (sent by MX): EXPIRED
Cert VALIDATION ERROR(S): self signed certificate; certificate has expired
So email is encrypted but the recipient domain is not verified
ssl : scheme=smtp cert=94220942422672
: identity=mx[dot]zafoid[dot]com cn=panel[dot]zafoid[dot]com alt=
Cert Hostname DOES NOT VERIFY (mx[dot]zafoid[dot]com != panel[dot]zafoid[dot]com)
So email is encrypted but the host is not verified
cert not revoked by OCSP
Data:
Version: n/a
Serial Number: 50:96:61:0a:83:10:b5:d7:5a:d7:61:16:d0:33:ae:f3:4f:2f:e1:f6
Validity:
Not Before: Dec 21 19:09:07 2021 GMT
Not After: Dec 21 19:09:07 2022 GMT

=========================================================================

Can this certificate error be fixed please?

Use mail.domain.com instead mx.domain.cm in your mx records

Hi eris,

as screenshot attached herewith shows, I’m already using mail[dot]domain[dot]com. :innocent:

Nope.

$ dig +short zafoid.com MX
0 mx.zafoid.com.

1 Like

It should be mail.zafoid.com. instead of mx.zafoid.com.

That’s not your DNS. Your DNS is in Cloudflare.