Following the guide: https://kumomta.com/blog/using-letsencrypt-with-kumomta
I am getting a self signed certificate when connecting my email client using SMTP.
Providing the details requested above would be helpful.
what’s the error you’re getting anywhere?
I often run these commands in various screens to try and track down issues (plus whatever is connecting to Kumo is hopefully verbose):
/opt/kumomta/sbin/kcli trace-smtp-server- this is monitoring the incoming connections to KumoMTA (which is where I’m guessing your issue is)journalctl -fu kumomta- monitors system logs/opt/kumomta/sbin/tailer --tail /var/log/kumomta/ | jq- https://docs.kumomta.com/userguide/operation/logs/?h=tailer#using-tailer
And tailing the journal during a restart can be helpful. Usually TLS errors are about permissions
When checking the status of KumoMTA. I get an permission error.
There you go. The TLS cert is not accessible
Error in SmtpServer: Permission denied (os error 13)```From the blog post you cited initially…
sudo chgrp kumod /etc/letsencrypt/archive
and
sudo chmod 750 /etc/letsencrypt/archive
This allows the kumod group (and its only user) to access the certificate files directly. If you move the files to another directory, ensure that they have 644 permissions (-rw-r--r--) and are accessible by the kumod user. ```Personally, I would copy them out of the LE dir and into /opt/kumomta/etc/tls/ and set the right permissions there. LE may modify the permissions in their dir when they refresh the cert.
Now getting the following error:
ERROR localset-0 kumod::mod_kumo: Error in SmtpServer: failed to bind to 0.0.0.0:25: Address already in use (os error 98)
You haven’t shared your configs as per the bot, nor have you registered. Also one issue per thread pls.
Also, that error is kinda obvious…
“failed to bind to 0.0.0.0:25: Address already in use”