SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Questions and discussion about web design, search engine optimisation and hosting

dimitris.vamvakas

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by dimitris.vamvakas » 2020-5-16 13:30

Hi Santeri! This post looks like it's the only one containing any information on the matter in general.
I have tried your solution, using linuxzone129.grserver.gr as my SMTP Server and SSL and 425 port.
Although all works out, I even get a confirmation mail from Google, when I try to send an email , when pushing the send button it is inactive, nothing happens. :o
Am a bit stuck now! :)
Dimitris

Santeri
Posts: 167
Joined: 2017-7-5 09:58

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by Santeri » 2020-5-16 20:35

dimitris.vamvakas wrote:
2020-5-16 13:30
Although all works out, I even get a confirmation mail from Google, when I try to send an email , when pushing the send button it is inactive, nothing happens. :o
Hmm. That is really weird, it has never happened to me. Have you tried disabling your browser add-ons? Does it happen with other web browsers? Can you send email normally when the sender is your gmail address?

If you send me a screenshot, I could take a look at it if I have any other ideas.

Cheers,

Santeri

GameEver

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by GameEver » 2020-5-21 22:00

Santeri! You are my saviour!

I configured the "real" name of my server (p3plcpnl0867.prod.phx3.secureserver.net) in the SMTP Server box and i can finally send emails!

The problem i have now is that emails that i send arrive with a Question Mark to other gmails and if you put the mouse over the image is says "Gmail couldn't verify that mydomain.com actually sent this message (and not a spammer)".

So i checked my email with this tool: https://www.checktls.com/TestReceiver
And everything returns 100% excepting "Cert", and the error i get is:

Code: Select all

Cert Hostname DOES NOT VERIFY (mail.gameeverstudio.com != *.prod.phx3.secureserver.net | DNS:*.prod.phx3.secureserver.net | DNS:prod.phx3.secureserver.net)
(see RFC-2818 section 3.1 paragraph 4 for info on wildcard ("*") matching)
So email is encrypted but the host is not verified
I already spent about 3 hours yesterday and 4 hours today chatting with GoDaddy Support and it is so useless it hurts. And i don't really understand much about all this. Do you know what this could be?

GameEver

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by GameEver » 2020-5-21 22:02

dimitris.vamvakas wrote:
2020-5-16 13:30
Hi Santeri! This post looks like it's the only one containing any information on the matter in general.
I have tried your solution, using linuxzone129.grserver.gr as my SMTP Server and SSL and 425 port.
Although all works out, I even get a confirmation mail from Google, when I try to send an email , when pushing the send button it is inactive, nothing happens. :o
Am a bit stuck now! :)
Dimitris
I experienced the same thing, you just have to Refresh your Gmail tab.

Santeri
Posts: 167
Joined: 2017-7-5 09:58

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by Santeri » 2020-5-21 23:50

GameEver wrote:
2020-5-21 22:00
The problem i have now is that emails that i send arrive with a Question Mark to other gmails and if you put the mouse over the image is says "Gmail couldn't verify that mydomain.com actually sent this message (and not a spammer)".

I already spent about 3 hours yesterday and 4 hours today chatting with GoDaddy Support and it is so useless it hurts. And i don't really understand much about all this. Do you know what this could be?
In Poople Gmail click the message with question mark open, then click from the message menu "Show original":
Image That will tell you what is wrong. The most common reason is missing or wrong SPF record in your DNS.

If you are using GoDaddy CPanel email with Gmail, your DNS should have these entries:

Code: Select all

@	604800	 IN 	TXT	"v=spf1 a mx ptr include:secureserver.net ~all"
mail	604800	 IN 	TXT	"v=spf1 a mx ptr include:secureserver.net ~all"
GoDaddy does not support DKIM or DMARC so those 2 will always fail. If you want them to work, too, to reduce the risk of your emails ending up to spam folders, you can try https://sendgrid.com/. It is free if you send no more than 100 emails per day.

GameEver

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by GameEver » 2020-5-22 01:50

Wow thanks for answering so fast!

I checked "Show Original". This is what i got:
SPF: SOFTFAIL with IP 184.168.200.142 Learn more
DKIM: 'FAIL' with domain gameeverstudio.com Learn more

According to what you said DKIM will always fail so i will see if i can solve the SPF.

I just did what you told me. I put "1 hour" in time, don't know if it is correct. I guess i have to wait 12 hours for this to propagate or something like that, right?
Image

That sendgrid you mentioned looks nice, i never send more than 100 emails in a day, ever. I will take a look at it.

Post Reply