Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Mail SSL fails every 90day #1119

Open
Dreamer41 opened this issue Aug 23, 2023 · 7 comments
Open

[BUG] Mail SSL fails every 90day #1119

Dreamer41 opened this issue Aug 23, 2023 · 7 comments

Comments

@Dreamer41
Copy link

I cant connect SMTP I get message below

certificate Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

I have issued successfully new SSL for mailserver and mail domains, and restart postfix.
When issue new SSL it show it's successfully issued but the new SSL won't be updated correctly somewhere in the server mail system. When do mail tester it show old certificate even new one is successfully installed.
I have fix this issue now over a year every 90 days by running mail debugger but that can't be a permanent solution.

Below log from mail.

Sep 22 09:47:38 sgserver1 postfix/submission/smtpd[772857]: connect from mail.website.com[66.22.88.99]
Sep 22 09:47:38 sgserver1 postfix/submission/smtpd[772857]: SSL_accept error from mail.website.com[66.22.88.99]: -1
Sep 22 09:47:38 sgserver1 postfix/submission/smtpd[772857]: warning: TLS library problem: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:…/ssl/record/rec_layer_s3.c:1543:SSL alert number 45:
Sep 22 09:47:38 sgserver1 postfix/submission/smtpd[772857]: lost connection after STARTTLS from mail.website.com[66.22.88.99]
Sep 22 09:47:38 sgserver1 postfix/submission/smtpd[772857]: disconnect from mail.website.com[66.22.88.99] ehlo=1 starttls=0/1 commands=1/2

Operating system:
Ubuntu 20.04

CyberPanel version:
Latest
@Dreamer41 Dreamer41 mentioned this issue Oct 7, 2023
Open
@Akrobs
Copy link

Akrobs commented Oct 10, 2023

Same on CentOS.

Bug in postfix, file vmail_ssl.map.db not upadated automatically, after get new LE certificate. At this time, I do it manually

@Lvl4Sword
Copy link
Contributor

@Akrobs Can you elaborate as to why you think this is a postfix bug? I'd love to tackle this.

@Akrobs
Copy link

Akrobs commented Dec 10, 2023

@Lvl4Sword, sorry I described the problem incorrectly. This is not a postfix problem, but a Cyberpanel problem. She doesn't update vmail_ssl.map.db, after the certificate issued. For any domain.

@Lvl4Sword
Copy link
Contributor

@Akrobs Appreciate the update. I've got a little bit of a backlog I'm working on, but this is something I want to take a look at.

@grievercr
Copy link

Are there any updates on the SSL bug? I just did a fresh install and I can't get certs to work on the version I installed. The hostname cert worked fine, but the sites I created are not issuing SSL.

@Shinji3rd
Copy link

This continues to happen even with the latest commit

@MoeedAther
Copy link

Hello everyone, Can I get assistance here? I have be struggling allot with this problem on Cyber Panel. I have performed Reverse DNS, Mail Certificate and still getting same error.

Error:
Connection could not be established with host "ssl://mail.slash.casino:465": stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@Shinji3rd @Lvl4Sword @grievercr @Akrobs @Dreamer41 @MoeedAther