Self signed certificate in certificate chain issue with e-mail notification setup...
I am connected to WAN with an public dynamic IP-adress. Do I need to create a DDNS and get a CA issued certification for that ddns domain and import this to the ZyWALL in order to get this to work?
Best Answers
-
Hi
Currently, we are not very clear about what situation you encounter. Could you provide more detailed information to us:
(1). I quoted the information you mentioned:
“When I try to setup the e-mail client for notifications in USG FLEX 100 the e-mail server test fails due to the ''Self signed certificate in certificate chain.”
Do you mean you configured Configuration >System > Notification>Mail Server but you couldn’t receive the notification e-mail due to the certificate is self-signed from USG Flex100? If so, could you share the screenshot of the Mail server settings to us? And the screenshot of the test failed ? Is the e-mail server yours or the public email server(such as gmail)? Could you share your network topology which includes email server, USG Flex100, and other hosts(AP, PC, servers) to us?
(2). Have you ever tried to enable port 587 with TLS Security and STARTTLS then to see if it is working? As below:
(3). Why do you expect after USG Flex 100 to import a certificate with DDNS domain name and then could solve your previous problem?
Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0 -
Zyxel_Jeff said:
Hi
Currently, we are not very clear about what situation you encounter. Could you provide more detailed information to us:
(1). I quoted the information you mentioned:
“When I try to setup the e-mail client for notifications in USG FLEX 100 the e-mail server test fails due to the ''Self signed certificate in certificate chain.”
Do you mean you configured Configuration >System > Notification>Mail Server but you couldn’t receive the notification e-mail due to the certificate is self-signed from USG Flex100? If so, could you share the screenshot of the Mail server settings to us? And the screenshot of the test failed ? Is the e-mail server yours or the public email server(such as gmail)? Could you share your network topology which includes email server, USG Flex100, and other hosts(AP, PC, servers) to us?
(2). Have you ever tried to enable port 587 with TLS Security and STARTTLS then to see if it is working? As below:
(3). Why do you expect after USG Flex 100 to import a certificate with DDNS domain name and then could solve your previous problem?
Hi Zyxel_Jeff.Thanks for the reply. I did solve the problem and it was due to my low experiance of authentication terms in IT. I simply thought that ''Authenticate Server'' check box for Mail Server Port was the same as SMTP Authentication. So I never ran any test without it...Regarding your third question. It was just a thouht that maybe the mail server wanted to validate the email client/sender ip adress somehow and maybe I could do this with a valid domain or DDNS certificate. But as I said, i do not have the proper experiance or education yet in IT to discuss this subject further, especially when it comes to Authentication and certificatesMany thanks1
All Replies
-
Hi
Currently, we are not very clear about what situation you encounter. Could you provide more detailed information to us:
(1). I quoted the information you mentioned:
“When I try to setup the e-mail client for notifications in USG FLEX 100 the e-mail server test fails due to the ''Self signed certificate in certificate chain.”
Do you mean you configured Configuration >System > Notification>Mail Server but you couldn’t receive the notification e-mail due to the certificate is self-signed from USG Flex100? If so, could you share the screenshot of the Mail server settings to us? And the screenshot of the test failed ? Is the e-mail server yours or the public email server(such as gmail)? Could you share your network topology which includes email server, USG Flex100, and other hosts(AP, PC, servers) to us?
(2). Have you ever tried to enable port 587 with TLS Security and STARTTLS then to see if it is working? As below:
(3). Why do you expect after USG Flex 100 to import a certificate with DDNS domain name and then could solve your previous problem?
Don't miss this great chance to upgrade your Nebula org. for free! https://bit.ly/4g2pS9L
0 -
Zyxel_Jeff said:
Hi
Currently, we are not very clear about what situation you encounter. Could you provide more detailed information to us:
(1). I quoted the information you mentioned:
“When I try to setup the e-mail client for notifications in USG FLEX 100 the e-mail server test fails due to the ''Self signed certificate in certificate chain.”
Do you mean you configured Configuration >System > Notification>Mail Server but you couldn’t receive the notification e-mail due to the certificate is self-signed from USG Flex100? If so, could you share the screenshot of the Mail server settings to us? And the screenshot of the test failed ? Is the e-mail server yours or the public email server(such as gmail)? Could you share your network topology which includes email server, USG Flex100, and other hosts(AP, PC, servers) to us?
(2). Have you ever tried to enable port 587 with TLS Security and STARTTLS then to see if it is working? As below:
(3). Why do you expect after USG Flex 100 to import a certificate with DDNS domain name and then could solve your previous problem?
Hi Zyxel_Jeff.Thanks for the reply. I did solve the problem and it was due to my low experiance of authentication terms in IT. I simply thought that ''Authenticate Server'' check box for Mail Server Port was the same as SMTP Authentication. So I never ran any test without it...Regarding your third question. It was just a thouht that maybe the mail server wanted to validate the email client/sender ip adress somehow and maybe I could do this with a valid domain or DDNS certificate. But as I said, i do not have the proper experiance or education yet in IT to discuss this subject further, especially when it comes to Authentication and certificatesMany thanks1
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 141 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.5K Security
- 216 USG FLEX H Series
- 262 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 243 Service & License
- 382 News and Release
- 81 Security Advisories
- 27 Education Center
- 8 [Campaign] Zyxel Network Detective
- 3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight