OpenSSH Returning self-signed cert

ArmanP · September 30, 2020, 5:52pm

My domain is:
armanpopat.co.uk, blog.armanpopat.co.uk, mail.armanpopat.co.uk

The operating system my web server runs on is (include version):
ubuntu 18.04
My hosting provider, if applicable, is:
Hetzner Cloud
Sorry, this may be simple, I'm a bit of a newbie.
So I used certbot --apache to install certificates on my domain along with the two subdomains.

When I use ssllabs for mail.armanpopat.co.uk I'm told that
'Issuer Let's Encrypt Authority X3'

but when I use open ssh and use the command:
' s_client -starttls smtp -crlf -connect mail.armanpopat.co.uk:587'

I'm told that 'issuer=/CN=mail.armanpopat.co.uk'
and 'Verify return code: 18 (self signed certificate)'

This is causing me problems when I try to use thunderbird to send emails.
Any help would be appreciated.

JuergenAuer · September 30, 2020, 6:12pm

Hi @ArmanP

Certbot installs the certificate only on port 443.

So if you want to use the same certificate (with the same folder-filenames, not a copy) with your mail server, you have to configure your mailserver.

Check the documentation of your port 587 or check the config file directly.

Change that and restart your mail server.

sudo certbot certificates

should show the relevant files you need.

ArmanP · September 30, 2020, 6:27pm

Thanks Juergen, that fixed it!

system · October 30, 2020, 6:27pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.