Hello,
I have some problems after changing the keyhelp domain, well when I now verify the email via checktls -> testReceiver I get the following error:
seconds test stage and result
[000.000] Trying TLS on mail.XXX.XX[XXX.XX.XXX.XX:25] (10)
[000.111] Server answered
[000.277] <‑‑ 220 panel.XXX.XX ESMTP Postfix (Ubuntu)
[000.278] We are allowed to connect
[000.278] ‑‑> EHLO www12-azure.checktls.com
[000.383] <‑‑ 250-panel.XXX.XX
250-PIPELINING
250-SIZE 125829120
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
[000.384] We can use this server
[000.384] TLS is an option on this server
[000.384] ‑‑> STARTTLS
[000.489] <‑‑ 220 2.0.0 Ready to start TLS
[000.490] STARTTLS command works on this server
[000.722] Connection converted to SSL
SSLVersion in use: TLSv1_3
Cipher in use: TLS_AES_256_GCM_SHA384
Perfect Forward Secrecy: yes
Session Algorithm in use: Curve P-384 DHE(384 bits)
Certificate #1 of 3 (sent by MX):
Cert VALIDATED: ok
Cert Hostname DOES NOT VERIFY (mail.XXX.XX != panel.XXX.XX | DNS:panel.XXX.XX)
So email is encrypted but the host is not verified
Not Valid Before: Feb 17 16:46:09 2024 GMT
Not Valid After: May 17 16:46:08 2024 GMT
subject: /CN=panel.XXX.XX
issuer: /C=US/O=Let's Encrypt/CN=R3
Certificate #2 of 3 (sent by MX):
Cert VALIDATED: ok
Not Valid Before: Sep 4 00:00:00 2020 GMT
Not Valid After: Sep 15 16:00:00 2025 GMT
subject: /C=US/O=Let's Encrypt/CN=R3
issuer: /C=US/O=Internet Security Research Group/CN=ISRG Root X1
Certificate #3 of 3 (added from CA Root Store):
Cert VALIDATED: ok
Not Valid Before: Jun 4 11:04:38 2015 GMT
Not Valid After: Jun 4 11:04:38 2035 GMT
subject: /C=US/O=Internet Security Research Group/CN=ISRG Root X1
issuer: /C=US/O=Internet Security Research Group/CN=ISRG Root X1
[000.819] ~~> EHLO www12-azure.checktls.com
[000.935] <~~ 250-panel.XXX.XX
250-PIPELINING
250-SIZE 125829120
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250-SMTPUTF8
250 CHUNKING
[000.935] TLS successfully started on this server
[000.936] ~~> MAIL FROM:<test@checktls.com>
[001.048] <~~ 250 2.1.0 Ok
[001.048] Sender is OK
[001.048] ~~> QUIT
[001.155] <~~ 221 2.0.0 Bye
In addition, the previous domain that was assigned got a CA Certificate. In the new one it was no longer generated.
How to solve these problems?
problems after changing the keyhelp domain
Re: problems after changing the keyhelp domain
Hallo,
try to set the certificte for all services to the default certificate.
Wait at least one minute.
Then change it back to Let's encrpyt.
try to set the certificte for all services to the default certificate.
Wait at least one minute.
Then change it back to Let's encrpyt.
Mit freundlichen Grüßen / Best regards
Florian Cheno
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************
Florian Cheno
**************************************************************
Keyweb AG - Die Hosting Marke
Neuwerkstr. 45/46, 99084 Erfurt / Germany
http://www.keyweb.de - http://www.keyhelp.de
**************************************************************