since a couple of days one of users reported getting expired certificate error in TB, looking at the log, I can see like: Mar 02 21:46:24 pop3-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=111.222.333.444, lip=103.106.168.105, TLS: SSL_read failed: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate expired: SSL alert number 45, session=<...> but, looking at server with https://ssl-tools.net/mailservers/emu.sbt.net.au it says 'valid' as does certbot tool what am I missing ? Expiry Date: 2021-04-27 12:11:32+00:00 (VALID: 55 days) Certificate Path: /etc/letsencrypt/live/emu.sbt.net.au/fullchain.pem Private Key Path: /etc/letsencrypt/live/emu.sbt.net.au/privkey.pem # grep ssl_ dovecot.conf ssl_cert = </etc/letsencrypt/live/emu.sbt.net.au/fullchain.pem ssl_key = </etc/letsencrypt/live/emu.sbt.net.au/privkey.pem ssl_dh=</etc/dovecot/dh.pem
Le 02/03/2021 ? 13:29, Voytek Eymont a ?crit?:> since a couple of days one of users reported getting expired certificate > error in TB, looking at the log, I can see like: > > Mar 02 21:46:24 pop3-login: Info: Disconnected (no auth attempts in 0 > secs): user=<>, rip=111.222.333.444, lip=103.106.168.105, TLS: SSL_read > failed: error:14094415:SSL routines:SSL3_READ_BYTES:sslv3 alert > certificate expired: SSL alert number 45, session=<...>Here it is the certificate presented on the pop3 port (either port 110 with a STLS command or port 995)> but, looking at server with > https://ssl-tools.net/mailservers/emu.sbt.net.au it says 'valid' as does > certbot toolHere it seems te site tests the smtp server (on port 25), which is not handled by dovecot. You probably have different certificates on both.