Hello,
Because the error is mentioning that the certificate doesn’t match the host this should point somehow that the certificate served by your Axigen server does not match for the hostname used for the secured connection.
Let’s say that you have obtained the certificate for mail.my-special-domain.tld and you have installed it in Axigen on a listener using 0.0.0.0:465.
Now, you should be able to double check the certificate using an online tool like:
- SSL Shopper >> SSL Checker | very fast results, normally within 4 seconds
- SSL Checker >> SSL Checker
- SSL Store >> SSL Checker
Note: you should specify the server name like mail.my-special-domain.tld:465
otherwise it will check the certificate from the default port (which is the one for HTTPS = 443)
or you may also check it by yourself using openssl like:
$ openssl s_client -connect mail.my-special-domain.tld:465 -crlf
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = mail.my-special-domain.tld
verify return:1
---
Certificate chain
0 s:/CN=mini.axigen.com
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
1 s:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
...
---
220 mail.my-special-domain.tld Axigen ESMTP ready
quit
221-mail.my-special-domain.tld ESMTP is closing connection
221 Good bye
HTH,
Ioan