6 – Self-signed SSL error on Outlook/Thunderbird

You are here:
< Back

After creating an email account in CyberPanel some users would like to configure their email accounts to third party email clients such as Outlook or Thunderbird.

Both these clients have auto-discover functionality, this functionality will try to automatically configure your email settings so that end-user won’t have to do anything. For example, if on Thunderbird I configure:

Thunderbird may suggest the following settings:

Server hostname: mail.cyberpanel.net

IMAP Port: 143

Now Thunderbird will be looking for a valid SSL for mail.cyberpanel.net and if valid SSL is not offered by the server you will get a self-signed SSL error.

How to resolve Self-signed SSL Error

After version v1.9.4 of CyberPanel, upon website creation, will create mail.domain.com as a child domain to currently creating website and also issue SSL for it. Then CyberPanel will add edit /etc/dovecot/dovecot.conf and add the following to the file:

local_name mail.domain.com {
  ssl_cert = </etc/letsencrypt/livemail.domain.com/fullchain.pem
  ssl_key = </etc/letsencrypt/live/mail.domain.com/privkey.pem

and then restart dovecot service using systemctl restart dovecot. This way there will be no SSL errors on either Outlook or Thunderbird.

Manually setting this up

Let say you are on some of the old versions of CyberPanel or you have already created a website before upgrading to v1.9.4. You can go ahead and create mail.domain.com as a child-domain to your master domain also make sure to issue SSL for this domain. Then open /etc/dovecot/dovecot.conf and append following to the end of the file

local_name mail.domain.com {
  ssl_cert = </etc/letsencrypt/live/mail.domain.com/fullchain.pem
  ssl_key = </etc/letsencrypt/live/mail.domain.com/privkey.pem

and finally restart dovecot using systemctl restart dovecot

Connect again using a mail client and you should not see the error.


Author's page
Cyber Panel

Leave a Reply