trondandre When we use our own ssl chained certificate and test MTA-STS lookup we get an error message that HTTPS Policy Certificate is Invalid. If we switch to using Lets encrypt ssl certificate everything is ok and it says that HTTPS Policy Certificate is valid. We follow the Mailcow documentation and add both the chained certificate in the cert.pem file and the private key in key.pem in document : data/asset/ssl. Everything else in the testing on MTA-STS lookup looks good except that it says that HTTPS Policy Certificate is Invalid… Has anyone had the same problem or does anyone know a solution to this? Should we also add the certificate somewhere else since Mailcow added support for MTA-STS in version 09 as well?
ETNyx If you open https://mta-sts.yourdomain.tld/.well-known/mta-sts.txt any certificate errors and do you see mta-sts config?
trondandre ETNyx When i open it is comes up: this is not an secure site But if we change to use Let´s Encrypt it is ok
ETNyx Ok, you need to fix this,… Did you extend your own certificate to cover mta-sts.yourdomain.tld? In browser there should be more information about this error check it too,…
trondandre ETNyx Yes but i can not figure out how to fix this…. If i create an record from the qualified domain all is ok, but not with the another hosted domain. It is so when i adding an hosted domain (ex: test.no) and when use Let´s Encrypt , then Let´s Encrypt make an ssl cert. for this domain and all another hosted domain we are added to the mailcow mailserver?