• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Resolved Error with certificate on Thunderbird

I

Ickov

Basic Pleskian
Server operating system version
Ubuntu 20.04.4 LTS
Plesk version and microupdate number
Version 18.0.44 Update
Hi all,

i have problem with sending email through Tunderbird problem with certificate ROOT SSL is with Let's Encript also mail ,

error on thunderbird is :

Sending of the message failed.
Peer’s Certificate has expired.
The configuration related to domain.tld must be corrected


on SSH side i see

-> warning: TLS library problem: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:../ssl/record/rec_layer_s3.c:1543:SSL alert number 45:

when i try to send via Horde/Roundcube everything is ok ,

can someone advise what is wrong here , already try to reissue the certificate but error still show

thanks in advance
 
Is your operating system old like Win 7 or Vista? In that case it might be the computer's SSL root that has not been updated.
 
Peter Debik said:
Is your operating system old like Win 7 or Vista? In that case it might be the computer's SSL root that has not been updated.
Click to expand...
Nope,

it is windows10,

will say again , on that domain there are 10 email accounts, till now all function and only one email during sending message it show that error, also i use roundcube and everything is ok

E-mail software is Mozzila Thunderbird, tried to reinstall , delete all files in $app-data but nothing
 
martini_mk.jpg

You are using the wrong hostname. For martini.mk there is no current mail certificate on your server. To fix the issue, either enter a host name into Thunderbird that has an SSL certificate for the mail server or create a mail server certificate for your domain on the server (e.g. by adding the mail option to the domain's SSL certificate.)
 
Hi, thanks for explanations,

i am not sure but i think i use same hostname and certificate

please check picture
 

Attachments

  • Screenshot 2022-06-30 at 22-47-07 Home - Plesk Obsidian 18.0.44.png
    Screenshot 2022-06-30 at 22-47-07 Home - Plesk Obsidian 18.0.44.png
    18 KB · Views: 17
  • Screenshot 2022-06-30 at 22-47-27 SSL_TLS Certificates - Plesk Obsidian 18.0.44.png
    Screenshot 2022-06-30 at 22-47-27 SSL_TLS Certificates - Plesk Obsidian 18.0.44.png
    20.7 KB · Views: 15
  • Screenshot 2022-06-30 at 22-50-21 SSL_TLS Certificate for martini.mk - Plesk Obsidian 18.0.44.png
    Screenshot 2022-06-30 at 22-50-21 SSL_TLS Certificate for martini.mk - Plesk Obsidian 18.0.44.png
    51.5 KB · Views: 15
Are you using the "mail" subdomain in any place on the server? It seems that for a yet unknown reason mail servers think the mail server's name is mail.<your domainname>, not just <your domain name>, and for the mail subdomain there is no matching certificate. Have you tried to create a server certificate instead of using the domain/subscription certificate for the server, so that according to your DNS entries that are probably managed on the same Plesk system (?) all necessary names are included in that server certificate?
 
Hi, thanks for advise

sorry for late replay,

little confused, you like to tell me to create different certificate (on section - see picture 1)

because till now never had problem like that
 

Attachments

  • picture 1.png
    picture 1.png
    16.6 KB · Views: 11
Open the subscription of the domain and check on the Mail Settings tab which certificate is assigned to mail.martini.mk:

Screenshot 2022-07-04 at 20.30.51.png
 
Please check attachment
 

Attachments

  • Screenshot 2022-07-04 at 22-46-33 Mail Settings for martini.mk - Plesk Obsidian 18.0.44.png
    Screenshot 2022-07-04 at 22-46-33 Mail Settings for martini.mk - Plesk Obsidian 18.0.44.png
    5.4 KB · Views: 13
Problem solved

1. re-issue Lets encrypt
2. use plesk-repair mail (ssh)
3. reload postfix (ssh)

can be closed
 
Hi @Ickov, I'm having the same problem. I've already done step one of your process, can you give me more information about step 2 and 3. Is this done in command line on SSH or is it in the Plesk interface?

Email is stil working on Mac Mail, IOS and webmail, just not Thunderbird ??
 
You must log in or register to reply here.

Similar threads

Nextgen-Networks
Issue Lets Encrypt - error in certificate renew process
2
Replies
21
Views
3K
Peter Debik
P
marvin
Question Peers Certificate has Expired ??
Replies
4
Views
2K
marvin
marvin
S
Resolved ssl3_read_bytes:sslv3 alert certificate expired
Replies
5
Views
22K
Ickov
I
marvin
Issue IMAP requires security certificate? Maybe?
2 3
Replies
40
Views
4K
Peter Debik
P
U
Question Postfix TLS issue
Replies
5
Views
2K
Kaspar
K
Back
Top