1

Topic: SSL mismatch?

==== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Linux/BSD distribution name and version: Debian 7.6
- Related log if you're reporting an issue:
====

I noticed, when trying to connect to my website via Lynx using https, I got the following message:

"SSL error:host(www.otakubell.com)!=cert(CN<server.otakubell.com>)-Continue? (y)"

How can I make the two match?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: SSL mismatch?

Looks like you changed your server hostname after iRedMail installation?

To fix it, just re-generate a new SSL cert with openssl, or the script shipped by iRedMail: iRedMail-0.8.7/tools/generate_ssl_keys.sh (Don't forget to update variables which starts with 'TLS_' in this file).

3 (edited by snarfies 2014-09-13 00:07:41)

Re: SSL mismatch?

Sorry, I am a bit new to SSL.

No, my hostname was always server.otakubell.com.  And I have my hosts file set so that www.otakubell.com and server.otakubell.com point 127.0.1.1.

generate_ssl_keys.sh has the following lines:

export HOSTNAME="$(hostname -f)"
export TLS_COMPANY="${HOSTNAME}"

So, I assume I can comment out that first line, and then put anything I like in that second line?  For example, if I change to
export TLS_COMPANY="*.otakubell.com", that should work?

4

Re: SSL mismatch?

Dear snarfies,

If this is your first time to generate a SSL certificate, it's the best opportunity to clearly understand it. Please read some tutorials found in Google.