Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - motkoning

Pages: [1]
1
CWPpro version: 0.9.8.699

If you experience difficulty loading your email accounts on mobile devices or other mail servers it is most likely caused by the "incomplete or missing intermediate SSL error".

1. To reproduce:
1.1. Set the correct hostname of the server and get a free SSL (/admin/index.php?module=change_hostname)
1.2. Rebuild the mail server with the correct certificate (/admin/index.php?module=postfix_manager)
1.3. Check your config at https://www.sslshopper.com/ssl-checker.html. Insert "hostname:995" or "hostname:993" or "hostname:465" and have a look
- It will show you a broken certificate chain.


2. Make the following changes via terminal:


2.1. Open dovecot config file:
Code: [Select]
nano /etc/dovecot/dovecot.conf
2.2.  Search for the following line:
Code: [Select]
ssl_cert = </etc/pki/tls/certs/hostname.crt
2.3. Then change the "hostname.crt" to "hostname.bundle":
Code: [Select]
ssl_cert = </etc/pki/tls/certs/hostname.bundle
2.4. Restart dovecot:
Code: [Select]
systemctl restart dovecot
2.5. Open postfix config file:
Code: [Select]
nano /etc/postfix/main.cf
2.6. Search for the following line:
Code: [Select]
smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.crt
2.7. Change "hostname.crt" to "hostname.bundle" :
Code: [Select]
smtpd_tls_cert_file = /etc/pki/tls/certs/hostname.bundle
2.8. Restart postfix:
Code: [Select]
systemctl restart postfix

3 Check if problem is fixed now

3.1 Check your config at https://www.sslshopper.com/ssl-checker.html. Insert "hostname:995" or "hostname:993" or "hostname:465" and have a look.
- The chain should be complete now.

Pages: [1]