SMTP Error SSL ".com.com"

4 posts / 0 new
Last post
#1 Tue, 02/10/2009 - 12:47
k2chris1983

SMTP Error SSL ".com.com"

Hello,

I have setup an e-mail server on my box but when I try to connect by using an E-mail client (Thunderbird). I get an issue with SMTP saying:

"Server Certification Expired

"example.com.com" is a site that uses a security certificate to encrypted data during transmission, but its certificate expired on 8/16/2008 8:55 PM.

..."

Note: My site is example.com not "example.com.com".

How can I fix this issue?

Thanks,

Chris

Tue, 02/10/2009 - 19:21
sgrayban

create new ssl cert maybe :)

Tue, 02/10/2009 - 19:37
k2chris1983

Yeah, I just did that 15minutes ago and now it works, but I thought it had something to do with SMTP but I was wrong.

This is what I did if anyone else has the same issue. I did this in my home dir, just to let you know. You may have to redo the string up to match yours but it works.

[code:1]
sudo cp /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/ssl-cert-snakeoil.key-backup

sudo cp /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/ssl-cert-snakeoil.pem-backup

openssl genrsa -out server.key 1024

openssl req -new -x509 -key server.key -out server.pem -days 1826

sudo mv server.pem /etc/ssl/certs/ssl-cert-snakeoil.pem

sudo mv server.key /etc/ssl/private/ssl-cert-snakeoil.key

sudo /etc/init.d/dovecot restart

[/code:1]

Wed, 09/23/2009 - 03:54
Bertik

Everytime I try to send/recive (refresh) emails, I get this message, I get my
emails, but is rather anoying having to hit yes every time.

"The server you are connected to is using a security certificate That could not be verified
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Do you want to continue using this server? yes/no"

To fix this I did:

cp /etc/ssl/certs/ssl-cert-snakeoil.pem /home/some_site/crt1.pem

cp /etc/ssl/private/ssl-cert-snakeoil.key /home/some_site/key1.key

openssl pkcs12 -export -in crt1.pem -inkey key1.key -out OutlookSMTP.p12

Then I downloaded OutlookSMTP.p12 file to my WinXP PC and imported to IE.

You want to go to Internet Properties --> Content --> Certificates --> Trusted Root Certification Authorities --> Import ---------> locate downloaded .p12 file and import.

my 2c

Robert

Topic locked