SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Questions and discussion about web design, search engine optimisation and hosting

dimitris.vamvakas

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by dimitris.vamvakas » 2020-5-16 13:30

Hi Santeri! This post looks like it's the only one containing any information on the matter in general.
I have tried your solution, using linuxzone129.grserver.gr as my SMTP Server and SSL and 425 port.
Although all works out, I even get a confirmation mail from Google, when I try to send an email , when pushing the send button it is inactive, nothing happens. :o
Am a bit stuck now! :)
Dimitris

Santeri
Posts: 193
Joined: 2017-7-5 09:58

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by Santeri » 2020-5-16 20:35

dimitris.vamvakas wrote:
2020-5-16 13:30
Although all works out, I even get a confirmation mail from Google, when I try to send an email , when pushing the send button it is inactive, nothing happens. :o
Hmm. That is really weird, it has never happened to me. Have you tried disabling your browser add-ons? Does it happen with other web browsers? Can you send email normally when the sender is your gmail address?

If you send me a screenshot, I could take a look at it if I have any other ideas.

Cheers,

Santeri

GameEver

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by GameEver » 2020-5-21 22:00

Santeri! You are my saviour!

I configured the "real" name of my server (p3plcpnl0867.prod.phx3.secureserver.net) in the SMTP Server box and i can finally send emails!

The problem i have now is that emails that i send arrive with a Question Mark to other gmails and if you put the mouse over the image is says "Gmail couldn't verify that mydomain.com actually sent this message (and not a spammer)".

So i checked my email with this tool: https://www.checktls.com/TestReceiver
And everything returns 100% excepting "Cert", and the error i get is:

Code: Select all

Cert Hostname DOES NOT VERIFY (mail.gameeverstudio.com != *.prod.phx3.secureserver.net | DNS:*.prod.phx3.secureserver.net | DNS:prod.phx3.secureserver.net)
(see RFC-2818 section 3.1 paragraph 4 for info on wildcard ("*") matching)
So email is encrypted but the host is not verified
I already spent about 3 hours yesterday and 4 hours today chatting with GoDaddy Support and it is so useless it hurts. And i don't really understand much about all this. Do you know what this could be?

GameEver

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by GameEver » 2020-5-21 22:02

dimitris.vamvakas wrote:
2020-5-16 13:30
Hi Santeri! This post looks like it's the only one containing any information on the matter in general.
I have tried your solution, using linuxzone129.grserver.gr as my SMTP Server and SSL and 425 port.
Although all works out, I even get a confirmation mail from Google, when I try to send an email , when pushing the send button it is inactive, nothing happens. :o
Am a bit stuck now! :)
Dimitris
I experienced the same thing, you just have to Refresh your Gmail tab.

Santeri
Posts: 193
Joined: 2017-7-5 09:58

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by Santeri » 2020-5-21 23:50

GameEver wrote:
2020-5-21 22:00
The problem i have now is that emails that i send arrive with a Question Mark to other gmails and if you put the mouse over the image is says "Gmail couldn't verify that mydomain.com actually sent this message (and not a spammer)".

I already spent about 3 hours yesterday and 4 hours today chatting with GoDaddy Support and it is so useless it hurts. And i don't really understand much about all this. Do you know what this could be?
In Poople Gmail click the message with question mark open, then click from the message menu "Show original":
Image That will tell you what is wrong. The most common reason is missing or wrong SPF record in your DNS.

If you are using GoDaddy CPanel email with Gmail, your DNS should have these entries:

Code: Select all

@	604800	 IN 	TXT	"v=spf1 a mx ptr include:secureserver.net ~all"
mail	604800	 IN 	TXT	"v=spf1 a mx ptr include:secureserver.net ~all"
GoDaddy does not support DKIM or DMARC so those 2 will always fail. If you want them to work, too, to reduce the risk of your emails ending up to spam folders, you can try https://sendgrid.com/. It is free if you send no more than 100 emails per day.

GameEver

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by GameEver » 2020-5-22 01:50

Wow thanks for answering so fast!

I checked "Show Original". This is what i got:
SPF: SOFTFAIL with IP 184.168.200.142 Learn more
DKIM: 'FAIL' with domain gameeverstudio.com Learn more

According to what you said DKIM will always fail so i will see if i can solve the SPF.

I just did what you told me. I put "1 hour" in time, don't know if it is correct. I guess i have to wait 12 hours for this to propagate or something like that, right?
Image

That sendgrid you mentioned looks nice, i never send more than 100 emails in a day, ever. I will take a look at it.

iKooza

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by iKooza » 2020-5-31 02:00

I also had the same issue but I wasn't with GoDaddy.

I fixed this error by resolving the SSL certificate on the server for mail.yourdomain.com
Under "Manage SSL Hosts" in WHM, I realized that the SSL was red for the mail subdomain.
I disabled SSL for this domain and re-enabled this from WHM and forced to generate new keys. Once the mail subdomain was given a self-signed SSL certificate, the is got resolved instantly on Gmail.

Hope this helps - I spend a couple of hours figuring this out.

jungliboys

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by jungliboys » 2020-6-7 06:28

thanks brother its very helpful for me but after this removing problem .i am also facing for webmail verification massage not receive in my webmail. :( please brother help me for that

Santeri
Posts: 193
Joined: 2017-7-5 09:58

Re: SOLVED: TLS Negotiation failed, the certificate doesn't match the host., code: 0

Unread post by Santeri » 2020-6-7 11:43

jungliboys wrote:
2020-6-7 06:28
i am also facing for webmail verification massage not receive in my webmail.
Do you mean that gmail verification email does not come to your webmail? If you have your email already imported by gmail, then gmail will automatically lose those emails. You need to switch off "Check email from other accounts" until you have verified your email address(es).

Post Reply