The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problems with self signed SSL cert

Discussion in 'General Discussion' started by Johnserver, May 27, 2010.

  1. Johnserver

    Johnserver Registered

    Joined:
    May 27, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi and thank you for taking the time to read this.

    I am trying to set up a self signed ssl cert to use with email.

    The steps I have done so far are:
    Main >> SSL/TLS >> Generate a SSL Certificate and Signing Request
    Main >> SSL/TLS >> Install a SSL Certificate and Setup the Domain
    Main >> Service Configuration >> Manage Service SSL Certificates
    And selected my newly created certificate for the exim and courier services.

    My mail however does not connect to the server and or send recieve mails.
    When I run:
    openssl s_client -connect 123.234.234.123:993 or
    openssl s_client -connect 123.234.234.123:465

    From the vps this is installed on I get no errors however running this from another machine results in a timeout error.

    ANy help you can give me on this is much appreciated as I have been banging my head off a wall and searching the web for information for over a weak.

    Thanks
    Justin
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    You blew it at the point you said "email" :D

    There is little point in setting up SSL for email but there is a self signed generated automatically when the server is build and you should only need to rebuild it if it is expired or the server's hostname changes

    WHM -> Service Configuration -> Manage Service SSL Certificates

    Also if you plan on running email in an SSL mode then your client computer connecting to the server will need to use the server's hostname as the server connection address instead of the IP or other hosted domains
     
  3. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    PS: This should probably be a "give me" but just to say that I asked --- you did make sure that you have those ports open to firewalls on both ends, right? ;)
     
  4. Johnserver

    Johnserver Registered

    Joined:
    May 27, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Hi Spiral and thank you very much for the information.

    I have gone to:

    Main >> Service Configuration >> Manage Service SSL Certificates

    and clicked
    RESET CERTIFICATE
    for: Exim (SMTP) Server, Courier (POP3) Mail Server and Courier (IMAP) Mail Server

    I have checked the firewall on the server and:
    Secure Mail server input Accept tcp any any any 465
    Secure POP3 server input Accept tcp any any any 995
    Secure IMAP server input Accept tcp any any any 993

    I am also using the servers hostname as the mail server in my email client (Thunderbird Linux) and specifying the correct protocol and ports.

    However it is still not connecting for me. :(

    When I run:
    openssl s_client -connect 11.11.11.123:993
    On the server it gives me an ok msg however when I run it locally it returns a timeout errno=110

    I am sorry for bugging you with this but I am literally out of options at the moment and anything I try doesn't seem to help at all.
     
  5. Johnserver

    Johnserver Registered

    Joined:
    May 27, 2010
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Just as an update to this I can log on to:
    https://mydomain.com/webmail
    and access my mail and everything will work fine.

    However I cannot get any mail client to connect using ssl.
     
  6. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    That's fine and I got your private message. See replies :D
     
Loading...

Share This Page