Chrome HSTS (HTTP Strict Transport Security) warning

lumideez

After I successfully installed mailcow and I tried to access the UI. I got the Chrome HSTS (HTTP Strict Transport Security) warning and couldnt access the website. Is this a DNS issue… my domain is behind cloudflare.

Many thanks

accolon

I don’t know about Cloudflare, but currently mail.evolon.app is using a self-signed certificate.

Does Let’s Encrypt work on your server (see logs of the ACME container)? Do you have to generate or import certificates for/with Cloudflare?

You will need valid certificates for SMTP/IMAP anyway, basic/free Cloudflare services only support HTTPS.

lumideez

accolon let’sencrypt is working on my server. I thought once mailcow generates its certificate. there should no longer be any problem

accolon What do you think I should do please?

pkernstock

To quote @accolon:

accolon Does Let’s Encrypt work on your server (see logs of the ACME container)? Do you have to generate or import certificates for/with Cloudflare?

lumideez

pkernstock thanks all its my mistake on cloudflare. In the DNS record for MX i specified @ instead of the mail domain. which sent requests straight to the root domain