I installed Let’s Encrypt via Plesk to encrypt my outgoing & incoming emailtraffic. The webmailer works fine but I wanna add my emailaccounts to the Apple Webmailer and onto my Android phone into the Gmail app.
They worked pretty fine (without SSL/TLS). But now whenever I wanna activate the SSL connection both programs answer that the certificate is not valid.
Can you help me out here? Im not familiar with this whole certificate stuff at all… I tried to play around with the email ports but that doesnt work.
openssl s_client -connect lynxdesign.de:443 -servername lynxdesign.de
does show your cert.
However, openssl s_client -connect lynxdesign.de:143 -starttls imap openssl s_client -connect lynxdesign.de:587 -starttls smtp openssl s_client -connect lynxdesign.de:993
all show a cert for: st-webhost-01.st-srv.eu
It is also an LE cert but doesn’t cover the name you are using to reach those services.
I suggest, try using the name on the cert (st-webhost-01.st-srv.eu) in your email apps - that should work.
Thanks! It solved the problem. I don’t get it: Why does the certificate work when I surf the domain lynxdesign.de via the browser and not when I try to reach it via email?
Because the binding certificate for this port is st-webhost-01.st-srv.eu… you can try contact your hosting provider and ask them to bind your certificate to that port (w/ IP)
Because https uses port 443 and is configured for shared hosting (using SNI).
While the email is NOT configured for shared hosting (email works completely different to web services) and uses other ports; so it can’t show different server names to match all the different requested names.
Think about email, when people get their email form a shared ESP, they connect to the name of the provider not to their own domain name (unless they pay extra for individualized email hosting).
