OpenSSH Returning self-signed cert

My domain is:
armanpopat.co.uk, blog.armanpopat.co.uk, mail.armanpopat.co.uk

The operating system my web server runs on is (include version):
ubuntu 18.04
My hosting provider, if applicable, is:
Hetzner Cloud
Sorry, this may be simple, I'm a bit of a newbie.
So I used certbot --apache to install certificates on my domain along with the two subdomains.

When I use ssllabs for mail.armanpopat.co.uk I'm told that
'Issuer Let's Encrypt Authority X3'

but when I use open ssh and use the command:
' s_client -starttls smtp -crlf -connect mail.armanpopat.co.uk:587'

I'm told that 'issuer=/CN=mail.armanpopat.co.uk'
and 'Verify return code: 18 (self signed certificate)'

This is causing me problems when I try to use thunderbird to send emails.
Any help would be appreciated.

Hi @ArmanP

Certbot installs the certificate only on port 443.

So if you want to use the same certificate (with the same folder-filenames, not a copy) with your mail server, you have to configure your mailserver.

Check the documentation of your port 587 or check the config file directly.

Change that and restart your mail server.

sudo certbot certificates

should show the relevant files you need.

4 Likes

Thanks Juergen, that fixed it!

3 Likes