SSL Cert expired errors with mail provider and domain host but not squarespace website

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: bentleywalker.com

I ran this command: Squarespace website SSL certs valid, certs with mail provider and actual domain host expired - trying to update certs with mail provider and domain host

It produced this output: SSL expired with mail and domain host provider

My web server is (include version): www.bentleywalker.com

The operating system my web server runs on is (include version): Squarespace for website, hostek for mail and clook for domain hosting

My hosting provider, if applicable, is: clook

I can login to a root shell on my machine (yes or no, or I don't know): Unknown

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): Both mail provider and domain host provide me with cpanel access

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Unknown
cert errors
Mail provider cert errors attached

Hi @Gary118, and welcome to the LE community forum :slight_smile:

I don't think there is much we can do for you here.
You should reach out to SquareSpace support for the website cert:

Name:      ext-cust.squarespace.com
Addresses: 198.185.159.144
           198.49.23.144
           198.185.159.145
           198.49.23.145
Aliases:   www.bentleywalker.com

Not sure about who handles your mail system cert:

bentleywalker.com MX preference = 1, mail exchanger = phantom.hostingseries.net
phantom.hostingseries.net internet address = 89.187.86.9
3 Likes

Here is what I am seeing for the DNS Records https://dnsspy.io/scan/bentleywalker.com
And as @rg305 has already noted:

MX 	        bentleywalker.com          	5m 	1 phantom.hostingseries.net. 
CNAME 	    mail.bentleywalker.com   	5m 	bentleywalker.com. 
A 	        webmail.bentleywalker.com 	5m 	62.182.20.70

However my question is which mail(s) are there issue(s) with, as there is
mail.bentleywalker.com(that points to the MX) and webmail.bentleywalker.com?

1 Like

Also from here Hardenize Report: bentleywalker.com I see other email relays (etc.) in the SPF.

SPF Policy Information Main policy
Location 	bentleywalker.com
v 	        spf1
ip4 	    62.182.20.70
include 	relay.email-cluster.com
include 	email.chargebee.com
include 	spf.mailjet.com
include 	8442791.spf01.hubspotemail.net
a 	
mx 	
ip4 	    89.187.86.9
ip4 	    89.187.86.155
ip4 	    89.187.86.25
~all 

Can you supply more details on your mail environment(s)?

1 Like