Issue Cannot verify server identity popup iPhone & webmail

[Ihtshama]

Hello
Since yesterday, suddenly, cannot verify server identity is poping up on iPhone users of all our server users. Similar goes to webmail, check attached please, Why it happened at its own? We did not change anything.

OS
CentOS Linux 7.8.2003 (Core)
Product
Plesk Obsidian
Version 18.0.28 Update #3, last updated on July 21, 2020 03:20 AM

 

[TravisB]

Hi @lhtshama,

The webmail is loading as secured, at my end.

Please see attached.

Although, according to sslchecker.com, there are some issues.

Please see SSL Checker for more information.

 

[Ihtshama]

Thank you @TravisB @learning_curve
I saw SSLchecker report, i am surprised how webmail is attached to SSL from plesk itself, it was not the case. I have secured it with its own certificate. The same thing is happening with other domains at server also. How all these domains are shifted to plesk certificate. any clue please?

 

[Ihtshama]

@TravisB @learning_curve
Can you please see attached, i just confirmed, it is default certificate present at the server. But it has been attached to mail server of various clients, to all domains if i am not wrong.

 

[learning_curve]

....i am surprised how webmail is attached to SSL from plesk itself, it was not the case. I have secured it with its own certificate. The same thing is happening with other domains at server also. How all these domains are shifted to plesk certificate. any clue please?

Assuming that you have both the Let's Encrypt and SSL It Plesk Extensions installed, you can quickly see everything that you already have setup on each and every domain (including webmail) via those extensions. With regard to Plesk itself and the mail server etc you can quickly see everything that you already have setup here: *yourdomain.com*:8443/admin/ssl-certificate/list

 

[learning_curve]

Assuming that you have both the Let's Encrypt and SSL It Plesk Extensions installed, you can quickly see everything that you already have setup on each and every domain (including webmail) via those extensions

Simply by going to the domain itself inside Plesk and selecting the SSL/TLS Certificates option within the Security section. When you do, you'll end up here: *yourdomain.com*:8443/modules/sslit/index.php/index/certificate/id/*domain_ID_No* It's all there in an easy to see GUI format.

 

[Jedonxk]

Simply by going to the domain itself inside Plesk and selecting the SSL/TLS Certificates option within the Security section. When you do, you'll end up here: *yourdomain.com*:8443/modules/sslit/index.php/index/certificate/id/*domain_ID_No* It's all there in an easy to see GUI format. Talk to Sonic

I saw SSLchecker report, i am surprised how webmail is attached to SSL from plesk itself, it was not the case. I have secured it with its own certificate. The same thing is happening with other domains at server also.

 

[learning_curve]

I saw SSLchecker report, i am surprised how webmail is attached to SSL from plesk itself, it was not the case. I have secured it with its own certificate. The same thing is happening with other domains at server also.

@Jedonxk Don't understand that ^^post at all, some of it looks like it's a copy from an earlier post on this thread too. If you clearly and accurately, post all of your issues c/w sufficient supporting details on each, then it might be possible for some people on here to help you

 

[D4vids0n1987]

it's secure on my end, though this happend to a friend's server as well. i couldn't tell you exactly what happend as this is not my field of expertise as well but i remember him being very puzzled about it. i see some isuess there tho that i am quite familiar with from the same incident cause he was explaining to me all the isuess as a part of trying to understand them himself. quite some interesting stuff if you start to get into it (of course not that inteersting when it's your own server that has the problems). i remember him mentioning that lincolnlabs.com helped him, maybe give it a look.

 

[Bitpalast]

As this is reported for an iPhone: We have dozens of customers who experience similar problems each time a Let's Encrypt certificate is auto-renewed. It seems to be an issue on iPhones only. They don't realize that the certificate was renewed but think the certificate is new one, so they claim that the connection became insecure. I had found a few reports on the Internet that this is a bug in older iPhone software, but not sure whether this applies to your case here.

 

[TomBoB]

can confirm Peters experience, and the behaviour of your pop-up-iphone. Many of our iphone and mac clients experienced the same. What we found out with our setup was that it only happened when the servers host name was used as incoming and outgoing server and secured accordingly. (we did that before the auto discovery / postfix SNI became available). When we slowly changed clients over to actually use their own domain name as incoming and outgoing server (after the introduction of the mail auto discovery / postfix SNI) the issue went away.
Just experience.
Still doesn't explain why your domains would hand out the hosts cert when you chose the domains one though.

 

[applecases]

Deleting and reentering your email account information resets your email's server identity certificates, which allow your email account to be verified by the Mail app. Then, under Accounts, look for the email account you want to delete and tap it.






New iPhone12 accessories