Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Warning: No server certificate defined; TLS connections will fail

Discussion in 'Security' started by bloatedstoat, Jun 3, 2016.

  1. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    125
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    Hello,

    I ran upcp --force earlier and everything appeared to be hunky dory after completion.
    However this has now begun to appear in exim_mainlog:

    Code:
    2016-06-03 17:40:53 Warning: No server certificate defined; TLS connections will fail.
    Suggested action: either install a certificate or change tls_advertise_hosts option
    tls_advertise_hosts has * as its value in the Exim advanced editor.

    A valid service certificate exists for all services, FTP, Exim, Dovecot et al on the server.

    Anyone else come across this and is there a remedy?

    Thank you!
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,834
    Likes Received:
    85
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello :),

    Have you installed ConfigServer MailScanner on your server ? I think due to MailScanner your are facing this issues with the exim service.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    125
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    G'day @24x7server, we do not use Mailscanner.
    Thanks for the thought though!
     
  4. Secmas

    Secmas Well-Known Member

    Joined:
    Feb 18, 2005
    Messages:
    330
    Likes Received:
    1
    Trophy Points:
    168
    It is happening to me as well.

    Do you use CloudLINUX?
     
  5. twhiting9275

    twhiting9275 Well-Known Member

    Joined:
    Sep 26, 2002
    Messages:
    555
    Likes Received:
    16
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    Twitter:
    Maybe reinstalling the certificate is in order.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    125
    Likes Received:
    11
    Trophy Points:
    18
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    @Secmas, yes we are CloudLinux.
    The error message is no longer showing in exim_paniclog for us though.
    It only happened after the upcp --force and has since stopped presenting.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,323
    Likes Received:
    1,851
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You will notice those warnings in Exim 4.86 based on the following changes:

    Code:
    JH/04 Certificate name checking on server certificates, when exim is a client,
      is now done by default.  The transport option tls_verify_cert_hostnames
      can be used to disable this per-host.  The build option
      EXPERIMENTAL_CERTNAMES is withdrawn.
    
    JH/06 Verification of the server certificate for a TLS connection is now tried
      (but not required) by default.  The verification status is now logged by
      default, for both outbound TLS and client-certificate supplying inbound
      TLS connections
    Note that while you see the warning messages in /var/log/exim_mainlog, it should not result in any issues with mail delivery by default.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice