i have a certificate from startssl for my server. I do it like a lot of Tutorials in the internet. But I get ever the error message:
can't connect: Certificate failure for XXXXX.de: Server name does not match
certificate: /CN=localhost.localdomain
So i think dovecot don't use the right certificate. But I insert the certificates in 10-ssl.conf
ssl_ca = </etc/ssl/certs/ca-bundle.crt
ssl_cert = </etc/ssl/certs/www.mydoamin.de-2014-with-chain.pem
ssl_key = </etc/ssl/private/www.mydomain.de-2014.key
Postfix main.cf:
smtpd_tls_CAfile = /etc/ssl/certs/ca-bundle.crt
smtpd_tls_cert_file = /etc/ssl/certs/www.mydomain.de-2014-with-chain.pem
smtpd_tls_key_file = /etc/ssl/private/www.mydomain.de-2014.key
smtpd_tls_CApath = /etc/ssl/certs
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_CAfile = $smtpd_tls_CAfile
the pem file i create with this command:
cat www.mydomain.de-2014.crt sub.class1.server.ca.pem > www.mydomain.de-2014-with-chain.pem
The certificate work on apache, but dovecot and Postfix don't want them.
On my Server runs Ubuntu 14.04
Do you have any Ideas? Thank You
Ok, i found the error!
First in the file 99-mail-stack-delivery.conf are the snakeoil certificates, so i could write want i want in 10-ssl.conf, all overriden from it. And the next: I don't need to create the pem file. I write ssl_cert = <*.crt and it works!