Hi together, i have problems with sending mails to gmx. I always get a TLS handshake failure when sending mail. I tested with other providers which work fine. Google, Vodafone work fine. My setup is as following: - Mailcow on a dedicated VM behind NGINX Proxy Manager - All ports are forwarded to Mailcow - Copied the Certs (cert1.pem -> cert.pem and privkey1.pem -> key.pem) from NGINX to Mailcow and disabled Letsencrypt on Mailcow, restarted Mailcow - Certs are only for mail.mydomain.com, not autoconf .* or autodiscover.* I tested my config with https://www.checktls.com/ but this is also showing me a TLS error: `Cert VALIDATION ERROR(S): unable to get local issuer certificate` Mailcow logs show me for example: `SSL_connect error to mta7.am0.yahoodns.net[67.195.204.72]:25: Connection timed out` I dont know how to debug further :(

Yet another TLS Handshake Failure Question - GMX and Yahoo not working

Hi together,

i have problems with sending mails to gmx. I always get a TLS handshake failure when sending mail.

I tested with other providers which work fine. Google, Vodafone work fine.

My setup is as following:

Mailcow on a dedicated VM behind NGINX Proxy Manager
All ports are forwarded to Mailcow
Copied the Certs (cert1.pem -> cert.pem and privkey1.pem -> key.pem) from NGINX to Mailcow and disabled Letsencrypt on Mailcow, restarted Mailcow
Certs are only for mail.mydomain.com, not autoconf .* or autodiscover.*

I tested my config with https://www.checktls.com/ but this is also showing me a TLS error:

Cert VALIDATION ERROR(S): unable to get local issuer certificate

Mailcow logs show me for example:

SSL_connect error to mta7.am0.yahoodns.net[67.195.204.72]:25: Connection timed out

I dont know how to debug further 🙁

MrSliff Copied the Certs (cert1.pem -> cert.pem and privkey1.pem -> key.pem)

The docs state, that you need to use “save the combined certificate (containing the certificate and intermediate CA/CA if any) to data/assets/ssl/cert.pem”
https://docs.mailcow.email/post_installation/firststeps-ssl/#how-to-use-your-own-certificate

What you did is only copy the certificate itself, you should copy the fullchain.pem -> cert.pem…

Ah, damn i knew it. Sorry, will try again!