Hi,
After restoring a backup, I’m getting this error message on gmail using the ‘send as’ (our domain name) option:
“TLS Negotiation failed, the certificate doesn’t match the host., code: 0”
The email/site were working fine when the backup was taken.
I ran a test on checktls.com and I’m getting this error (error in bold):
STARTTLS command works on this server
[000.339] Connection converted to SSL
SSLVersion in use: TLSv1_2
Cipher in use: ECDHE-RSA-AES256-GCM-SHA384
Perfect Forward Secrecy: yes
Certificate #1 of 1 (sent by MX):
Cert VALIDATION ERROR(S): unable to get local issuer certificate
This may help: What Is An Intermediate Certificate
So email is encrypted but the recipient domain is not verified
Cert Hostname VERIFIED (mail.tainoconsultants.com = tainoconsultants.com DNS:mail.tainoconsultants.com DNS:tainoconsultants.com DNS:www.tainoconsultants.com)
Not Valid Before: Dec 14 15:35:50 2020 GMT
Not Valid After: Mar 14 15:35:50 2021 GMT
subject= /CN=tainoconsultants.com
issuer= /C=US/O=Let’s Encrypt/CN=R3
I used virtualmin to get a new LetsEncrypt cert, but still get the same error. I’m not sure what it means and what I need to do about it.
Suggestions?
Thanks,
Chris
Okay - as a potential solution, I edited the virtual server, removed the checkmark from ‘apache ssl website enabled’, saved, then went back and checked it again, so that it would rebuild the ssl setup.
When I tried to enabled it, I got a “Adding new SSL virtual website …
… certificate file is not valid : Line 31 does not look like PEM format”
I deleted the current ssl files under that domain, tried again. This time it enabled the ssl for the domain ok. Then I redid the letsecrypt cert… hoping that would fix things… but nope, still the same error…
ugh! help!