Year: 2020

email – TLS – Cert Hostname DOES NOT VERIFY – Stack Overflow

Jovan Stosic March 7, 2020

After an SSL certificate change on my virtual server running plesk and ubuntu I suddenly run into an email issue.

Cert Hostname DOES NOT VERIFY (mail.koemanmotoren.nl != www.koemanmotoren.nlhttp://www.checktls.com/perl/TestReceiver.pl

mail: e.g. kleding@koemanmotoren.nl

Indeed this site seems to verify that the hostname is mail.koemanmotoren.nl https://www.ssllabs.com/ssltest/analyze.html?d=koemanmotoren.nl

However I have changed every single hostname I could find, while changing it in plesk or via SSH it automatically changes it anyway everywhere, but somewhere must been another hostname noted?

The certificate is purchased and verified for koemanmotoren.nl and www.koemanmotoren.nl

Source: email – TLS – Cert Hostname DOES NOT VERIFY – Stack Overflow

email – TLS – Cert Hostname DOES NOT VERIFY – Stack Overflow was last modified: March 7th, 2020 by Jovan Stosic

Cert Hostname DOES NOT VERIFY – Plesk Help Center

Jovan Stosic March 7, 2020

Symptoms

  • It is not possible to set up mail client to use secure connection because of SSL warning message about bad certificate
  • If check security with online tools like SSL Labs , it shows warnigns as the following one:

    Cert Hostname DOES NOT VERIFY (mail.example.com != *.example.com | DNS:*.*.example.com | DNS:*.example.com)
    So email is encrypted but the host is not verified

Cause

  • The installed SSL certificate is not wildcard.
  • The multidomain certificate is used and mail.example.com is absent.
  • The mail server certificate is checked using a certificate for a domain that is not used to secure the mail server.

Resolution

Install SSL wildcard certificate or request new SSL certificate having required domain in the list.

In case of multidomain certificate X509v3 Subject Alternative Name should be checked for a domain name.

openssl s_client -showcerts -connect mail.example.com:25 -starttls smtp 2>/dev/null | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ | openssl x509 -noout -text | grep DNS

Note: When connecting to the mail server, make sure to use the domain name in the certificate issued during securing Plesk mail server.
Advise your customers to do the same. Otherwise, the mail client software may be unable to verify the mail server identity, which may cause issues when sending or receiving mail, like this one.

Source: Cert Hostname DOES NOT VERIFY – Plesk Help Center

Cert Hostname DOES NOT VERIFY – Plesk Help Center was last modified: March 7th, 2020 by Jovan Stosic

Roberta Flack – Wikipedia

Jovan Stosic March 7, 2020

Roberta Cleopatra Flack (born February 10, 1937) is an American singer. She is known for her No. 1 singles “The First Time Ever I Saw Your Face“, “Killing Me Softly with His Song“, “Feel Like Makin’ Love“; and “Where Is the Love” and “The Closer I Get to You“, two of her many duets with Donny Hathaway.

Flack is the only solo artist to win the Grammy Award for Record of the Year on two consecutive years: “The First Time Ever I Saw Your Face” won at the 1973 Grammys and “Killing Me Softly with His Song” won at the 1974 Grammys.

https://en.wikipedia.org/wiki/Roberta_Flack

Roberta Flack – Wikipedia was last modified: March 7th, 2020 by Jovan Stosic