The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning: No server certificate defined; TLS connections will fail

Discussion in 'Security' started by bloatedstoat, Jun 3, 2016.

  1. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    78
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    Hello,

    I ran upcp --force earlier and everything appeared to be hunky dory after completion.
    However this has now begun to appear in exim_mainlog:

    Code:
    2016-06-03 17:40:53 Warning: No server certificate defined; TLS connections will fail.
    Suggested action: either install a certificate or change tls_advertise_hosts option
    tls_advertise_hosts has * as its value in the Exim advanced editor.

    A valid service certificate exists for all services, FTP, Exim, Dovecot et al on the server.

    Anyone else come across this and is there a remedy?

    Thank you!
     
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,146
    Likes Received:
    34
    Trophy Points:
    48
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hello :),

    Have you installed ConfigServer MailScanner on your server ? I think due to MailScanner your are facing this issues with the exim service.
     
  3. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    78
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    G'day @24x7server, we do not use Mailscanner.
    Thanks for the thought though!
     
  4. Secmas

    Secmas Well-Known Member

    Joined:
    Feb 18, 2005
    Messages:
    321
    Likes Received:
    0
    Trophy Points:
    16
    It is happening to me as well.

    Do you use CloudLINUX?
     
  5. twhiting9275

    twhiting9275 Well-Known Member

    Joined:
    Sep 26, 2002
    Messages:
    538
    Likes Received:
    15
    Trophy Points:
    18
    cPanel Access Level:
    Root Administrator
    Twitter:
    Maybe reinstalling the certificate is in order.
     
  6. bloatedstoat

    bloatedstoat Well-Known Member

    Joined:
    Jun 14, 2012
    Messages:
    78
    Likes Received:
    6
    Trophy Points:
    8
    Location:
    Victoria, Australia
    cPanel Access Level:
    Root Administrator
    @Secmas, yes we are CloudLinux.
    The error message is no longer showing in exim_paniclog for us though.
    It only happened after the upcp --force and has since stopped presenting.
     
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,678
    Likes Received:
    650
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    You will notice those warnings in Exim 4.86 based on the following changes:

    Code:
    JH/04 Certificate name checking on server certificates, when exim is a client,
      is now done by default.  The transport option tls_verify_cert_hostnames
      can be used to disable this per-host.  The build option
      EXPERIMENTAL_CERTNAMES is withdrawn.
    
    JH/06 Verification of the server certificate for a TLS connection is now tried
      (but not required) by default.  The verification status is now logged by
      default, for both outbound TLS and client-certificate supplying inbound
      TLS connections
    Note that while you see the warning messages in /var/log/exim_mainlog, it should not result in any issues with mail delivery by default.

    Thank you.
     
Loading...

Share This Page