SSL error when connecting to mail server

I am using Lets Encrypt to issue SSL certificates on my Ubuntu 16.04 server that uses ispconfig.

When I add an email account to Thunderbird email client I get the following message:

This site attempts to identify itself with incorrect information
Wrong Site

If I view the certificate Thunderbird reports that the certificate is issued to and issued by is
Common Name is
Organization is Servisys di Temporini Matteo

If I do an SSL test using on, or I see the correct organization of MediaMix

Any idea of what is wrong?

Thanks in advance for your help.

What is the hostname you're using and for which protocol? SMTP or IMAP or POP3?

But SSLLabs only tests for port 443, i.e., HTTPS. Not IMAP or SMTP.

When I connect to with STARTTLS, I get a self signed certificate:

Certificate chain
 0 s:/C=IT/ST=Italy/L=Udine/O=Servisys di Temporini Matteo/OU=IT department/
   i:/C=IT/ST=Italy/L=Udine/O=Servisys di Temporini Matteo/OU=IT department/

And not your valid Let's Encrypt certificate(s).

SSL Labs tests against port 443.
Thunderbird opens connections for POP (110 or 995), IMAP (143 or 993), and SMTP (25, 465, or 587).

So, your web server and your email server are using two different certs on two (or more) different ports.

openssl s_client -connect -starttls imap
openssl s_client -connect
openssl s_client -connect -starttls smtp
openssl s_client -connect
openssl s_client -connect

as opposed to:
openssl s_client -connect -servername

So the LE cert is there, it just needs to be used by your email server.

Thanks for taking the time to reply with the reason for the problem.
Any advice on how to fix it?

Thanks again

Lookup how to add a certificate into the email server software you are using.
The ceritificate files can be found at:
/etc/letsencrypt/live/<cert name>/

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.