Certificate self-signed in response for mail service in mail.domain.tld
-
Hi Everyone
,I'm not sure what's wrong so if someone can explain the best way for this
My cloudron dashboard is in <my.app.domainA.tld> and apps are in sub-domain <n1.app.domainA.tld>, <n1.app.domainB.tld> etc...
And my mail service in <mail.domain.tld>.
Unfortunaly, Clondron serve the seft-signed certificate in this case for <mail.domain.tld>
There are no certificate in root domain, so I need to generate one manually or i need to do somethink else ?
My DNS provider is manual. A record is present for mail domain.Thanks.
-
N nebulon marked this topic as a question on
-
@girish This is what I did initially but didn't seem to generate a certificate.
Having made several modifications in the meantime, I am a little confused about the possible reasons why the certificate is now present.
It's ok now.Maybe describe the way I've configured my mail service could help to understand and serve others :
- Creating root domain <domain.tld> if different from install
- Declare <mail> in mail server
- Configure DNS (A, MX, DKIM, DMARC) for your sub-domain <mail.domain.tld>
4 Activate inbound mailing
-> At this point, the DNS check should be all Green
For me, at this point, the certificate in response was seft-signed and DNS was green.
I've tried to "Renew certificates" but that didn't change anything.Solution or modifications (I presume than this is why the certificate as been generate):
I create the sub-domain <mail.domain.tld> in "Domains & Certificates" and activate inbound mail in mail service.
So I think this is not the right way, cause I have inbound mail active in <mail.domain.tld> for mail server AND <domain.tld> for my accounts.
For the moment it's functional but I would like to return to my previous configuration.
What do you think is not good?Thanks you .
-
@girish This is what I did initially but didn't seem to generate a certificate.
Having made several modifications in the meantime, I am a little confused about the possible reasons why the certificate is now present.
It's ok now.Maybe describe the way I've configured my mail service could help to understand and serve others :
- Creating root domain <domain.tld> if different from install
- Declare <mail> in mail server
- Configure DNS (A, MX, DKIM, DMARC) for your sub-domain <mail.domain.tld>
4 Activate inbound mailing
-> At this point, the DNS check should be all Green
For me, at this point, the certificate in response was seft-signed and DNS was green.
I've tried to "Renew certificates" but that didn't change anything.Solution or modifications (I presume than this is why the certificate as been generate):
I create the sub-domain <mail.domain.tld> in "Domains & Certificates" and activate inbound mail in mail service.
So I think this is not the right way, cause I have inbound mail active in <mail.domain.tld> for mail server AND <domain.tld> for my accounts.
For the moment it's functional but I would like to return to my previous configuration.
What do you think is not good?Thanks you .
@bloops are you saying you created a Domain called
mail.domain.tld? This is not needed. I think the certificate issue could simply be a matter of DNS propagation. Especially, with manual DNS, depending on your provider, this can take a while and Cloudron has no way to check . In such cases, it will start using a self signed certificate initially. There is a nightly cron job to renew certs and that would kick in and get a certificate eventually. -
G girish has marked this topic as solved on