I am running Ubuntu 16.04 using apache and ISPConfig.
When I attempt to send an email using Outlook, I get a message that says "The server you are connected to is using a security certificate that cannot be verified. A certificate chain processed but terminated in a root certificate which is not trusted. There is a button that allows me to view the certificate and it was issued to and from the DNS of my server “ubuntu-1.domain.com”
When I run “certbot renew” the servers certificate is listed as not needing to be renewed.
If it says it was issued from your domain, then you’re using a self-signed certificate and not the one you issued from Let’s Encrypt. You should try and find out why it’s not presenting the signed cert. Most servers need a reload or restart to start using a new certificate.
As @jared.m said, your site is using a Self-Signed Certificate, checking the certificate your server is using (it is not hard to know your real domain), the certificate has been issued by “Servisys di Temporini Matteo” which means you have used this script https://github.com/servisys/ispconfig_setup to install ispconfig on your machine and this script created the selfsigned certificate.
As far as I know, ispconfig can issue Let’s Encrypt certificates and configure them automatically from the control panel but just for web sites. If you want to add it to your Postfix and Dovecot you can reuse one of the already issued certificates for your web sites.
Maybe this post https://www.howtoforge.com/community/threads/letsencrypt-on-mail-server.73695/ could be useful to you, it explains how to issue a cert (you should have a few ones so no need to perform this part), how to replace the cert used by Postfix and Dovecot (both services share the same cert) and how to renew it reloading Postfix and Dovecot.
I don’t use ispconfig so I don’t know how accurate that info is, whether it is valid for the version you are using or there are other ways to perform the same task… so take that info carefully.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.