当我尝试使用端口 995 将我的帐户添加到 Gmail 时,它超时了。当我在 Gmail 添加帐户窗口中选中“始终使用安全的 SSL 连接”时,我收到此错误:
“SSL 错误:无法验证第一个证书”
迪吉特测试 mail.serv 时显示绿色复选标记,但以下情况除外
SSL 证书不受信任
我像往常一样将 Acmetool 证书添加到 Nginx 00-default.conf。将证书添加到 Postfix 如下:
postconf -e smtpd_tls_cert_file='/var/lib/acme/live/mail.server.com/cert'
postconf -e smtpd_tls_key_file='/var/lib/acme/live/mail.server.com/privkey'
将证书添加到 Dovecot conf 中,如下所示:
ssl_certificate /var/lib/acme/live/mail.server.com/cert;
ssl_certificate_key /var/lib/acme/live/mail.server.com/privkey;
这是什么问题?我该如何尝试解决它?
答案1
按照本教程在 Postfix/Dovecot 中设置 SSL 证书/密钥: http://www.iredmail.org/docs/use.a.bought.ssl.certificate.html
答案2
我必须使用的是 fullchain 而不是 cert 例如:
acmetool want mail.awesome-server.io
## nginx conf
ssl on;
ssl_certificate /var/lib/acme/live/mail.awesome-server.io/fullchain;
ssl_certificate_key /var/lib/acme/live/mail.awesome-server.io/privkey;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
## /etc/dovecot/dovecot.conf
ssl_cert = </var/lib/acme/live/mail.awesome-server.io/fullchain
ssl_key = </var/lib/acme/live/mail.awesome-server.io/privkey
service dovecot restart
postconf -e smtpd_tls_cert_file='/var/lib/acme/live/mail.awesome-server.io/fullchain'
postconf -e smtpd_tls_key_file='/var/lib/acme/live/mail.awesome-server.io/privkey'
service postfix restart