Sempiterna
Verified User
I found out today that I can no longer send e-mail using exim:
TLS error on connection from aa.bbb.com (bb.cc.com) [111.111.111.111] (SSL_accept): error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
After a while I found out that the hostname/exim cert expired on september 21st. I don't know when DA usually renews LetsEncrypt certificates, but something went wrong there. I tried to renew the certificate using the GUI, but eventhough it renewed the certificate, it did not update the certificates in the /etc/httpd/conf/ssl.crt directory, nor the exim certificate in the /etc directory.
I then manually copied the certificates, chain and key to the directories and restarted exim and httpd. That worked for httpd, but exim now shows:
TLS error on connection from aa.bbb.com (bb.cc.com) [111.111.111.111] (SSL_accept): error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca
What CA is this error talking about? I copied everything (cert and chain). And how can I force DA to do what it usually does after renewing a hostname/exim certificate?
TLS error on connection from aa.bbb.com (bb.cc.com) [111.111.111.111] (SSL_accept): error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired
After a while I found out that the hostname/exim cert expired on september 21st. I don't know when DA usually renews LetsEncrypt certificates, but something went wrong there. I tried to renew the certificate using the GUI, but eventhough it renewed the certificate, it did not update the certificates in the /etc/httpd/conf/ssl.crt directory, nor the exim certificate in the /etc directory.
I then manually copied the certificates, chain and key to the directories and restarted exim and httpd. That worked for httpd, but exim now shows:
TLS error on connection from aa.bbb.com (bb.cc.com) [111.111.111.111] (SSL_accept): error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca
What CA is this error talking about? I copied everything (cert and chain). And how can I force DA to do what it usually does after renewing a hostname/exim certificate?