You need to set up the menu from Wordpress admin.
Kwi 13, 2020
marcin

TLS Negotiation failed, the certificate doesn’t match the host. SOLVED!!!

Since start of April many people have problems with delivering of mails by Gmail. I also had this problem. Here you can find step by step way how I solved it.

  1. Go to Gmail settings , Accounts tab, send as, choose email and click edit information. Popup will appear, click next and you will see something like that:

2. Copy SMTP server value and go to website https://www.checktls.com/TestReceiver . In „eMail Target” field paste your SMTP server name and click Run test.

3. You will get answer like that:

4. There may be two reasons of failing cert test:

  • Improper name of the server
  • Invalid/self-signed certificate

to find out what is your problem, please scroll down to see details of cert test.

5. If you have improper name of the server value in Gmail, there will be output like that. Your SMTP server name does not match to real name of server (how it introduce itself to other servers).

6. All you have to do in this case, is to go back to Gmail settings and change name of server to proper name of server.

7. Then go back to https://www.checktls.com/TestReceiver and type proper name of server

8. If output is like below congratulations! I have done it!

9. But if error persists scroll down to see what is the problem

10. As you see you probably use self-signed certificate. To solve it you MUST be system administrator on your server, if you are not, please send him link to this article. Now you have to obtain valid certificate. The best and cheapest way (actually free) to do it is use Certbot app to obtain one.

11. . Now log in into shell of your server and install Certbot. In Centos type:

yum -y install epel-release
yum -y install certbot python-certbot-apache

In Debian

sudo apt-get update
sudo apt-get install certbot

In Ubuntu

sudo apt-get update
sudo apt-get install software-properties-common
sudo add-apt-repository universe
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install certbot

12. To get certificate, run command

certbot --expand -d fqdn.domain.com

Of course change fqdn.domain.com to your email server name. Application will get certificate for your server. It will be written to directory /etc/letsencrypt/live/

13. Then you have to change your certificates used by Postfix.

First backup existing certyficates

cd /etc/postfix

mv smtpd.cert smtpd.cert.bak

mv smtpd.key smtpd.key.bak

Then link new certificates to Postfix

ln -s /etc/letsencrypt/live/fullchain.pem smtpd.cert

ln -s /etc/letsencrypt/live/privkey.pem smtpd.key

And finally reboot Postfix and Dovecot (if you use Courier, Postfix and Courier)

service postfix restart

service dovecot restart

14. And that is it. I hope it will work for you!

Comments are closed.

Dyżury: Z uwagi na małe zainteresowanie moimi dyżurami zrezygnowałem z ich odbywania. Aby ułatwić dostęp do mnie zapraszam do kontaktu telefonicznego: 601 53 4321

Rada Miasta

Facebook

RAPORT Mama w Gorzowie