Results 1 to 3 of 3

Thread: Lets encrypt valid date issue with email/outlook

  1. #1
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,405

    Lets encrypt valid date issue with email/outlook

    I got a letsencrypt certificate for my domain which should expire juli 12th.
    When I check via command line it says this (running Letsencrypt 1.1.2.)
    Code:
    Lets Encrypt domain: mydomain.nl
    subjectAltName=DNS:mydomain.nl, DNS:mail.mydomain.nl, DNS:pop.mydomain.nl, DNS:smtp.mydomain.nl, DNS:www.mydomain.nl
    -- Created: Sat Apr 14 00:22:53 CEST 2018 - 1523658173
    -- Renewal: Wed Jun 13 00:22:53 CEST 2018
    -- Renewal in 30 days.
    Which should be correct. When visithing https://www.mydomain.nl and checking the info, it's all oke with expiration date juli 12th.

    However, when I chek my mail with outlook for that domain there is a security warning that the certificate date is not witin a valid date, it says:

    Let's Encrypt authority X3
    Valid from 12-02-2017 till 13-05-2018

    It's European date, so it's valid from februari 12th till may 13th which is today.

    This is strange, because also SSLLABS site gives the validation date of july 12th as expiration date also for mail, and giving it an A rating.
    What can be causing this issue on this single domain?

    My date/time on my pc is correct.
    I'm running Outlook 2013 and Windows 10 v1803. I do not have issues with other ssl mail domains.
    The server is running Centos 6.9, Letsencrypt 1.1.2, Exim 4.91 with spamblocker exim.conf v.4.5.9.
    Last edited by Richard G; 05-13-2018 at 05:20 AM.
    Greetings, Richard.

  2. #2
    Join Date
    Sep 2015
    Location
    Arnhem, NL
    Posts
    372
    SSLLabs only does the check for https, not for mail (dovecot) Can you do the email test on internet.nl ?

    And do you use mail_sni? Did dovecot successfully reload after the renewal?

  3. #3
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,405
    Thank you for responding.

    There was no renewal yet, the renewal should only happen on june 12th, not today. So no renewal occured yet.
    I am using mail_sni and do not have issues with my other domain like another private domain and my company domain. It's just this one domain.
    I did the test on internet.nl and all was fine.

    However, your reply fixed the issue it seems.

    There was no renewal on my domain as you can see by the dates, but I just reloaded Dovecot to be sure there was not some old stuff from the letsencrypt update from 1.1.1 to 1.1.2 kept hanging and now it's working good.

    Seems Dovecot did not refresh somehow.
    Thanks!
    Last edited by Richard G; 05-13-2018 at 05:52 AM.
    Greetings, Richard.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •