Outlook - SSL - Error

Discussion in 'Installation/Configuration' started by DexDeadly, Apr 4, 2017.

  1. DexDeadly

    DexDeadly New Member

    I just went and using my google domains account created an A record for mail.simplysyncedllc.com and pointed it to my box. I then went ahead and tried to configure the email in my outlook. When I go to connect I get The server you are connected to is using a security certificate that cannot be verified. The target principal name is incorrect. I can view the cert and its showing that its issued to webhost.simplysyncedllc.com and valid from 4/3/2017 to 4/1/2027. The certification path tab has This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store. I then tried changing my incoming and outgoing mail to webhost.simplysyncedllc.com thinking this was the issue. It was not, I still receive the same message. Now I know I could just install the certificate but this leads me to believe that the certificate might not be correct and I wanted to make sure.
     
  2. ahrasis

    ahrasis Active Member

    Which domain name are you using? Is it webhost.simplysyncedllc.com or mail.simplysyncedllc.com? Because I think it should be the first one i.e. your server.
     
  3. DexDeadly

    DexDeadly New Member

    Even when trying to use webhost.simplysyncedllc.com as both incoming and outgoing servers I still get the message.
     
  4. ahrasis

    ahrasis Active Member

  5. DexDeadly

    DexDeadly New Member

    Tried this, he stated to remove the first part of the name which I tried, tried simplysyncedllc.com , webhost.simplysyncedllc.com which has the ssl cert correct and mail.simplysyncedllc.com all of which bring up the same. Used those same ports listed there and it did not do anything different. I'm looking through the guides for email now but I've done everything that I see.
     
  6. DexDeadly

    DexDeadly New Member

  7. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    which tutorial does not uncomment smtps and submission ports in postfix?
     
  8. DexDeadly

    DexDeadly New Member

    sorry it was in the tutorial but I must of missed it because when my /etc/postfix/master.cf file was installed the smtps inet n line was right after the line above it. Not sure why but that where it was. Once I relooked at it I found the error.
     
  9. DexDeadly

    DexDeadly New Member

    So actually that did not work, today when i rebooted my laptop and then loaded up outlook I got the same error message in outlook about the certificate.
     
  10. florian030

    florian030 ISPConfig Developer ISPConfig Developer

    I think outlook does not accept your self-signed cert. You can install a ssl-cert from let's encrypt (serach the forum, there are several posts)
     
    ahrasis likes this.
  11. DexDeadly

    DexDeadly New Member

    Last edited: Apr 5, 2017
    ahrasis likes this.
  12. onastvar

    onastvar Member

    One of my clients had same issue with Outlook 2016 (Internet Security Warning) - The target principal name is incorrect, we fixed this way:
    Under: Email Accounts > Change > More Settings > Advanced Tab
    Under IMAP/POP/SMTP
    Use the following type of encrypted connection
    change from SSl/TLS to None

    [​IMG]
     
  13. LCaudell

    LCaudell New Member

    Your suggestion is not a fix, and defeats the purpose. "None" is no encryption. You will now receive warnings that your data is view-able by third parties.
     
  14. onastvar

    onastvar Member

    What's your recommendation to fix the issue?
     
  15. ahrasis

    ahrasis Active Member

  16. LCaudell

    LCaudell New Member

    Your link was extensive, and very informative, wish howtoforge had a search option to stay within a conversation. My lets-encrypt was already up and running, but the cert does not include mail.mydomain.net. Perhaps we need to look at why outlook does not automatically store lets-encrypt certs. Is it the lack of mail.mydomain.net, or something else.
     
  17. ahrasis

    ahrasis Active Member

    Step 7 (a) to (c) is normally relevant to mail services in a single server setup. However, if you are using ISPConfig mutiserver setup for mail.mydomain.net, do refer to post #203 of that guide for a possible solution to resolve it.
     
  18. onastvar

    onastvar Member

    If I was to secure it, would all the end users need to change any of the settings in their email client (outlook, iphone mail, android mail, etc.)? Would it break their email client setup?
     
  19. ahrasis

    ahrasis Active Member

    I do not know their settings, thus I am not sure whether they need to change any, and I also do not think that it will break their email client setup.
     

Share This Page