So I'm very new to Virualmin, and am having a problem.
I've been able to get SSL certificates from Let's Encrypt and with some trouble have been able to get it to work for the web server (It was a pain getting the ones for Webmin to work), but for the life of my I can't get my email clients to connect to the server and I think it's due to an SSL issue.
I'm getting a little mixed up because I had a VPS that had Virtualmin but I decided to try cPanel (which works perfectly, but not worth $20 a month to me). I've left it, but I ended up buying another VPS for 1 month just to try Virtualmin again before deleting cPanel. When I try to use openssl s_client on port 143 and 587 it returns no SSL certificate at all.
The best I can find is someone said to copy the certificate into Postfix and Dovecot, but no explanation on how to do that so I'm wondering if someone could explain how.
Thanks in advance!
Howdy,
When requesting a Let's Encrypt SSL certificate in Server Configuration -> Manage SSL Certificates -> Let's Encrypt, that's just for the Apache website for that particular domain.
As you're seeing, to get that to work in other services, you'd need to perform a step such as using the "Copy to Webmin" or "Copy to Postfix" feature.
Those buttons are available in the Server Configuration -> Manage SSL Certificates screen, towards the bottom.
Note that in the case of Postfix, it only supports one SSL certificate per IP address.
So you can copy any SSL certificate into Postfix, but it's only able to use one per IP.
-Eric
Thanks Eric!
That worked perfectly!
I see you answer a lot of questions, so I'm going to ask you another one I hope you can answer!
I'm attempting to use Outlook for iOS but it's not working. With some difficulty I was able to get Spark to work, but not Outlook
I have me@mydomain.com as the email and because of the certificate, I have mail.server.com as the host. Just some information.. When I use openssl to connect to the server to check the certificate everything comes back as perfect (correct name, valid cert, etc). I configured Outlook to use IMAP 993 and SMTP 465 but it just fails.
Checking /var/log/maillog I see the following:
Jun 15 17:52:41 kvm1 dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=<ip>, lip=<ip>, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<WAYrPLVuXgA0sGsi>Originally I had !SSLv3 in /etc/dovecot/conf.d/10-ssl.conf but removed it hoping that was the problem, but no such luck :(
Thanks for you help!
Howdy,
What error are you seeing in Outlook when trying to connect?
I'd also be curious if you have more luck connecting to port 587 though. For port 587, you'd want to make sure it's set to use TLS, and with 465, that's SSL.
Lastly, it wouldn't hurt to restart Postfix just in case... you can do that with "service postfix restart". That will ensure the newest certificate is active in it.
-Eric