ZoneEdit's TLS cert expired?

JR250

New Member
Hello,

My SMTP/TLS test says mx-caprica.zoneedit.com's TLS cert appears expired. The test server allows for expired certs so mail traffic is still encrypted but other SMTP senders might drop the handshake if they detect an expire cert. I'm likely missing something here.

SMTP test reference: checktls.
com/TestReceiver

Regards,
JR
 

Migou32

New Member
Hi,
I have multiple mailmaps programmed on my domain

I wonder if this cert. expired could explain multiple emails that are not received, but others from different origin isp are.

i have tested emails adressed to me originated from gmail and yahoo are delivered immediately, but emails from two local isp that we use are not received at all.
 

JR250

New Member
Hello,

Thanks for your comment, Migou32. Is there someone here from ZE that can comment on whether the TLS results are an issue?

[000.094]
We can use this server [000.100]
TLS is an option on this server [000.103] --> STARTTLS [000.135] <-- 220 2.0.0 Ready to start TLS [000.136]
STARTTLS command works on this server [000.291]
Connection converted to SSL
SSLVersion in use: TLSv1_2
Cipher in use: ECDHE-RSA-AES128-GCM-SHA256
EXPIRED: Certificate 1 of 3 in chain: Cert VALIDATION ERROR(S): certificate has expired
So email is encrypted but the recipient domain is not verified
Cert Hostname VERIFIED (mx-caprica.zoneedit.com = *.zoneedit.com | DNS:*.zoneedit.com | DNS:zoneedit.com)
cert not revoked by CRL
cert not revoked by OCSP
serialNumber=08:ea:fc
subject= /CN=*.zoneedit.com
issuer= /C=US/O=GeoTrust Inc./CN=RapidSSL SHA256 CA - G3

Thanks,
JR
 
Top