The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Warning: No server certificate defined; TLS connections will fail

Discussion in 'E-mail Discussions' started by juanmc, Nov 9, 2016.

  1. juanmc

    juanmc Member

    Joined:
    Feb 25, 2016
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Buenos Aires
    cPanel Access Level:
    Root Administrator
    Hello,
    I'm having an issue with a few servers, on where I'm seeing this messafe in /var/log/exim_paniclog

    Warning: No server certificate defined; TLS connections will fail.
    Suggested action: either install a certificate or change tls_advertise_hosts option

    I've tried setting tls_advertise_hosts = , but I had an error.
    also tried tls_advertise_hosts = unset, but I had no results.

    I have the following system:

    /etc/redhat-release:CloudLinux Server release 6.8 (Oleg Makarov)
    Server version: Apache/2.4.16 (Unix)
    Server built: Oct 8 2015 11:04:16
    Cpanel::Easy::Apache v3.32.2 rev9999 +cloudlinux
    PHP 5.4.45 (cli) (built: Oct 8 2015 11:11:48)
    Copyright (c) 1997-2014 The PHP Group
    Zend Engine v2.4.0, Copyright (c) 1998-2014 Zend Technologies
    mysql Ver 14.14 Distrib 5.5.52, for Linux (x86_64) using readline 5.1

    Could you give me a hand?.

    Thanks in advance.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,185
    Likes Received:
    1,295
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    This is discussed on the following thread:

    Warning: No server certificate defined; TLS connections will fail.

    The only change since that thread is the default tls_certificate entry in /etc/exim.conf as of cPanel version 60 is:

    Code:
    tls_certificate = ${if and \
        { \
            {gt{$tls_in_sni}{}} \
            {!match{$tls_in_sni}{/}} \
        } \
        {${if exists {/var/cpanel/ssl/domain_tls/$tls_in_sni/combined} \
            {/var/cpanel/ssl/domain_tls/$tls_in_sni/combined} \
            {${if exists {${sg{/var/cpanel/ssl/domain_tls/$tls_in_sni/combined}{(.+/)[^.]+(.+/combined)}{\$1*\$2}}} \
                {${sg{/var/cpanel/ssl/domain_tls/$tls_in_sni/combined}{(.+/)[^.]+(.+/combined)}{\$1*\$2}}} \
                {/etc/exim.crt} \
            }} \
        }} \
        {/etc/exim.crt} \
    }
    This adds support for the Domain TLS functionality in cPanel 60, documented at:

    What is Domain TLS - cPanel Knowledge Base - cPanel Documentation

    Thank you.
     
  3. juanmc

    juanmc Member

    Joined:
    Feb 25, 2016
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Buenos Aires
    cPanel Access Level:
    Root Administrator
    Hello,
    Thanks!!
    I'm switching to the setting you've mentioned.
    Best Regards.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    37,185
    Likes Received:
    1,295
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    You shouldn't have to make any changes to the configuration files. The entry is configured by default in /etc/exim.conf in cPanel version 60, and you wouldn't want to use that entry on earlier versions that don't include Domain TLS support.

    Thank you.
     
    juanmc likes this.
  5. juanmc

    juanmc Member

    Joined:
    Feb 25, 2016
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Buenos Aires
    cPanel Access Level:
    Root Administrator
    Hello,
    Ok. Thanks for the advice, I'm going to take a look at it.

    Regards
     
Loading...

Share This Page