CWPpro version: 0.9.8.699 If you experience difficulty loading your email accounts on mobile devices or other mail servers it is most likely caused by the "incomplete or missing intermediate SSL error".
1. To reproduce:1.1. Set the correct hostname of the server and get a free SSL (/admin/index.php?module=change_hostname)
1.2. Rebuild the mail server with the correct certificate (/admin/index.php?module=postfix_manager)
1.3. Check your config at
https://www.sslshopper.com/ssl-checker.html. Insert "hostname:995" or "hostname:993" or "hostname:465" and have a look
- It will show you a broken certificate chain.
2. Make the following changes via terminal:2.1. Open dovecot config file:
nano /etc/dovecot/dovecot.conf2.2. Search for the following line:
ssl_cert = </etc/pki/tls/certs/hostname.crt2.3. Then change the "hostname.crt" to "hostname.bundle":
ssl_cert = </etc/pki/tls/certs/hostname.bundle2.4. Restart dovecot:
systemctl restart dovecot2.5. Open postfix config file:
nano /etc/postfix/main.cf2.6. Search for the following line:
smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.crt2.7. Change "hostname.crt" to "hostname.bundle" :
smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.bundle2.8. Restart postfix:
systemctl restart postfix
3 Check if problem is fixed now3.1 Check your config at
https://www.sslshopper.com/ssl-checker.html. Insert "hostname:995" or "hostname:993" or "hostname:465" and have a look.
- The chain should be complete now.
Topic: Fix for "incomplete missing intermediate SSL" for mobile & other mail clients (Read 3826 times)
