Mail Certificate

Discussion in 'Installation/Configuration' started by dayjahone, Aug 18, 2009.

  1. dayjahone

    dayjahone Member

    When I try to set up my mail account on my iphone, it says it cannot verify the ssl certificate. I have a certificate through godaddy, so I'm not sure why this is. The real problem is that I can't send mail. I suspect the two problems are related. Please help.
     
  2. till

    till Super Moderator

    I'am pretty sure the two problems are not related. Regarding the ssl issue, I guess you mix up your webserver ssl cert with the ssl certs for postfix and courier.
     
  3. dayjahone

    dayjahone Member

    You're right. The two problems are not related.

    Can I use the same ssl certificate for mail so I don't get that error?
     
  4. dayjahone

    dayjahone Member

    I have two different websites sharing an IP address on the same server and same incoming and outgoing mail server. One sends email just fine from Apple mail and the other gives the following error:

    Code:
    The certificate for SMTP: yourdomain.com_ryan@mail.yourdomain.com may not be vaild.
    Please help if you can. This problem is driving me nutty.
     
  5. till

    till Super Moderator

    You used the wrong server name to connect. You can have only one SSL cert per IP address, so you will have to use the domain name that is in the ssl cert to connect to the server.
     
  6. dayjahone

    dayjahone Member

    The server name is www.mydomain.com and the mail server I'm using is mail.mydomain.com. Can I have www.mydomain.com be my mail server as well? It just seems strange I guess.
     
  7. till

    till Super Moderator

    You can use any domain or subdomain you like as long as the domain points to the IP of your server in DNS. You can even use "not-a-mail-server.mydomain.com" as mailserver :)
     
  8. dayjahone

    dayjahone Member

    I tried entering www.mydomain.com as the mail server, but it comes up with my self-signed certficate, not the one that seems to be working at https://mydomain.com that I purchased.
     
  9. till

    till Super Moderator

    Ok. And you are sure that you connect withz the http protocol and not pop3 or imap?
     
  10. dayjahone

    dayjahone Member

    I've been using POP3 and IMAP. I don't know what it means to connect via http protocol, but I am trying to set these up in a mail client.
     
  11. till

    till Super Moderator

    Ahh, ok. Then there is a misunderstanding. The SSL certificate you bought is most likely installed in a website? Then this is an pache ssl certificate. This has nothing to do with certificates for pop3 and imap.

    See these instructions to create new ssl certs for courier:

    http://www.faqforge.com/linux/distr...courier-pop3-and-imap-server-on-debian-linux/

    If you need signed certs, you might have to let them sign at a ssl authority. But normally you will just import the ssl cert into your email client, so that you dont get a warning.
     
  12. dayjahone

    dayjahone Member

    Thanks, Till. I haven't ever done that. Is that something I need to do every year? I'm guessing they do expire?

    I did have a couple issues with the page you sent me to, though... I wasn't sure where to add my domain in the imapd.cnf file. And apparently, I don't have a pop3d.cnf file? I did "mkimapdcert" and "mkpop3dcert" anyway and I don't notice a difference.

    Thanks for your help thus far.
     
  13. falko

    falko Super Moderator

    Yes, SSL certificates expire. You can buy certificates for one, two, or three years.
     
  14. dayjahone

    dayjahone Member

    Thanks falko. So, can someone help me find where to enter my mailserver's domain and tell me why I don't have the pop file?
     

Share This Page