[BUG] TSL/SSL Authentication error on poste.io
See original GitHub issuedovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS handshaking: SSL_accept() failed: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48
Error when trying to connect POP3 or IMAP through the Thunderbird mail client. The issue is it doesn’t make a connection behind the Caprover reverse proxy, the SSL certificate doesn’t get set in Poste itself.
But this works if you turn authentication off, which for obvious reasons is less than ideal. If I request a certificate it doesn’t work behind a reverse proxy.
Issue Analytics
- State:
- Created 3 years ago
- Comments:11 (3 by maintainers)
Top Results From Across the Web
Custom TLS settings - Poste.io documentation
Poste.io comes by default preconfigured by latest security measures. ... most current devices, some legacy devices can have problem to login or send...
Read more >Poste.io - can't login by mail application - bad SSL certificate
I've got error that my username or password is incorrect. I've double checked and username and password is ok. So I login into...
Read more >elastic/logstash - Gitter
Final] elasticsearch | at io.netty.handler.codec. ... Hi folks, has anyone got an idea of how to fix this connection/authentication problem?
Read more >Dollar Universe – Network Parameters – TLS/SSL Settings
Variable / Label I/S/D Description
U_SSL_PRIVATE_KEY. Key file name S privkey.pem by default
U_SSL_SERVER_CERT. Certificate file name S server.cer by default
U_SSL_CA_PATH. Path where CA certificate...
Read more >Transport Layer Security - Wikipedia
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
To close this Bug, a quick tutorial for Caprover One Click Install
To Activate SSL/TLS in Poste.io
Use Caprover let’s encrypt method
In {your app}'s HTTP Settings, activate SSL on your domain
In App Confg, add new folder in Persistent Directories
TLS / SSL is now activated, and your mail’s app can use it !
**If you want use Poste.io let’s encrypt, but loose https acces to your domain **
In {your app}'s HTTP Settings, don’t activate SSL on any domain, click on Edit Default NGINX Config AND remove thoses lines (present two times in the default config)
Used by Lets Encrypt
location /.well-known/acme-challenge/ {
root <%-s.staticWebRoot%>;
}
After app reboot, go to : http://yourcustomedomain.com/admin And to : System Settings => TLS Certificate Click on Add Let’s Encrypt certificate Execute Poste.io script
Hope this tutorial help you 😃
Yes, letting poste.io manage the certificate (method 2 that @laruche suggested) works. But with that, you loose https access to webamil and admin. That isn’t a very nice solution.
Did anyone get it to work with the caprover certificates?