Ruben Safir <ruben at mrbrklyn.com> wrote:
> > This got nothing to with LE or own CA. Bottom line is, you need to
> > add your own CA to the cert tore (ideally)
>
> what is a cert tore?
Someone has probably already replied to this, but it's a typo:
the OP wanted to say "store".
The certificate you created was used to sign itself ("self signed")
and thus, asserts its own validity. If you need *other* people to
trust your SSL service, you should sign your certificate using a third
party authority (e.g. LetsEncrypt) to sign it. Most internet users
will have these third party signing authority's certificates in their
certificate store to validate your service certificate. If this is
for your own personal use (i.e. you don't care about trust since you
know it's your own certificate), you have to add your self-signed
certificate into *your* system's certificate authority store so that
your mail reader does not complain about an untrusted certificate.
Clear?
Joseph Tam <jtam.home at gmail.com>