I really can't make disappear mismatch errors for SSL

Bibi40k

Verified User
Joined
Sep 5, 2013
Messages
18
Hi,
i found this subject so many times, i read ten's of comment and no success :(

First of all, SNI works and all certs are accepted by all email clients and browsers.

The only think i hate is when i check mail.domain.com on https://www.ssllabs.com/ or https://www.sslshopper.com/ it gives me the mismatch error and returns hostname.server.com. That cert i requested only for the server with
Code:
./letsencrypt.sh request_single `hostname` 4096

If i check for domain.com everything is green and returns domain.com,mail.domain.com,ftp.domain.com,webmail.domain.com,www.domain.com which is correct and generated at user level.

Services:
DirectAdmin 1.53.2
Exim 4.91
dovecot 2.3.2.1 (0719df592)

Config files:
directadmin.conf
SSL=1
enable_ssl_sni=1
mail_sni=1

Note:
i've checked both on domains managed by admins (not "admin" user) and regular users.

I think i'm going crazy :D What am i missing ?

Thank you very much.
 
Last edited:
I think i'm going crazy What am i missing ?
I think these tests are in normal mode only testing web domains, not mail domains which is a difference. So you can test domain name or servers hostname on ssllabs.com
Not a subdomain like which in fact mail.somedomain.com also is.
And I doubt very much that your server's hostname is mail.domain.com or is it? So I have the same issue on ssllabs.com when using subdomains (ftp, mail, smtp).

However, a test on sslshopper.com works, did you test this way?
https://www.sslshopper.com/ssl-checker.html
then fill in:
mail.domain.com:465

and if everything should be green.

If not, something else is missing.
 
2023-11-09_09-31-17.png
 
Your DNS and hostname is still wrong, please search on this forum. explained and solved many times.
Please don't necro post, this thread is from 2018 !
 
Back
Top