[BlueOnyx:22475] Re: TLS/SSL not work after install letsencrypt.org cert.

Michael Stauber mstauber at blueonyx.it
Wed Nov 7 01:44:38 -05 2018

Hi Mon Chan,

> We planing buy to cert for BX5207R (Centos 6.5/32Bit) and install the
> new cert to test, the cert register at www.sslforfree.com
> <http://www.sslforfree.com>(letsencrypt.org <http://letsencrypt.org>)
> BX admin and dovecot is success install the cert.
> But the sendmail TLS/SSL services is NOT working. and show the error at
> below.(465 and 587 is same error.)
> and we just update sendmail.mc <http://sendmail.mc> and make all after
> edit. 
> Anyone can help this issue?
The ability to request Let's Encrypt Certificates is built into the
BlueOnyx GUI interface.

You can request LE-certs for individual Vsites as well as one for the
GUI interface itself. The one for the GUI interface is then *also* used
for Dovecot and Sendmail.

The request, install and renewal is all handled by the GUI and no
fiddling with config files is required.

Your changes to the Sendmail config are counter-productive, as you're
swapping our pretty secure ciphers and protocols to some that are more
or less garbage.

My recommendation would be to roll these modifications back and to use
the GUI to request an SSL certificate for the GUI. See "Server
Management" / "Security" / "SSL" and then click on the "Let's Encrypt"

With best regards

Michael Stauber

More information about the Blueonyx mailing list