SSL Cert for Listeners

willythunder · November 8, 2022, 7:38pm

Hi There

I’m trying to install a Letsencrypt Certificate for my axigen Mail Server. The Certificate is generated with the NGINX Proxy Manager using docker. From there i download the certificate files (cert2.pem, chain2.pem fullchain2.pem, privkey2.pem).

In Axigen, under SSL Certificates, i upload these 4 files and the show up as Valid.

After that i go to IMAP and edit the listener, i switch to SSL Settings and choose my before uploaded Certificate file, it shows as valid.

And there I’m stuck, i always get: Invalid path to certificate file or invalid certificate file!

Which file or path do I have to enter in “Certificate authorities file:”

Thanks for the help! Im searching the web for hours an find no solution.

Greetings Willy

indreias · November 9, 2022, 6:39am

Hello Willy,

Could you please confirm the OS type and Axigen version you are using?

Also, could you please provide some screen captures from WebAdmin so we could understand exactly when you are receiving the error?

From my knowledge uploaded SSL certificates are saved into the Axigen working directory (Linux default path is /var/opt/axigen) under certs subfolder so you may check if all is fine into that location.

HTH,
Ioan

willythunder · November 9, 2022, 7:45pm

hello loan

I’m running a Unraid-Server and the axigen Mail server ist on Docker. Axigen is Version 10.3.3.1.

under SSL-Certificates it looks like this (picture 1)

Im going into IMAP, then go to SSL-Settings and choose the SSL-Certificate (picrute 2 & 3)

It looksl like this, no matter what i do with the certificate authorities file: it always gets an error (picture 4)

hope you can identify my mistake

willythunder · November 9, 2022, 7:55pm

Pic 2

willythunder · November 9, 2022, 8:03pm

pic 3

willythunder · November 9, 2022, 8:05pm

pic 4

indreias · November 9, 2022, 8:11pm

Hello Willy,

Sorry for not paying more attention to your main question.

Because you have uploaded all cert specific files you could leave the Certificate authorities file set to ‘none’ (or empty).

HTH,
Ioan

willythunder · November 10, 2022, 7:43am

Yes, i tried that. Still get the same Error as i try to Enable this listener pic 4

indreias · November 15, 2022, 2:05pm

Hello Willy,

Could you please remove the certificate you have created under SSL Certificate and create a new one but only containing cert2.pem and privkey2.pem files?

If it confirms as valid in that section, what is happening if you try to set into the IMAP listener?

Please advice.

BR,
Ioan

Jay · November 17, 2022, 1:51pm

Hi there, the last advice surely will work. I am using the same with Letsencrypt. Just create a new file with the cert and priv file.

This is on this thread as well.