When you issue a LE certificate from the web panel, the smtpd.crt and slapd.crt certificates remain self-signed.
This causes some SMTP clients to reject the connection with a certificate error.
I think it would be a good idea to use the first domain's certificate as an option. Or add the ability to select the certificate that will be used for SMTP in the web panel.
psychik
You're right. The Admin Panel only handles certificates for the web services (webmail, admin interface). SMTP and LDAP have their own certificate files, and they don't get updated when you deploy LE from the panel.
Though, you can try manually applying the LE certificate to SMTP as:
- Find the LE certificate files
- Copy them over the existing SMTP certs
- Fix permissions
- Restart the services
Back up your certs before touching anything. And since LE expires every 90 days, you'll either need to repeat this manually or script it.