Community Discussions and Support
incoming smtp from gmail

I installed the 4.91 upgrade and it looks good. Created a self-signed certificate and that now works.


Everything on the mail server is working properly except it won't accept incoming smtp connections from gmail. It looks like an SSL issue, so I created a certificate request (which also works now, thank you) and purchased a certificate. The Mercury documentation does not quite line up with the certificate provided, and I am having trouble following the instructions. I think some sort of conversion or modification of the certificate may be required in some cases. Also, it is not clear if the old self-signed certificate can remain in place or needs to be revoked or deleted or what.


Could we get some clarity on exactly what the purchased certificate needs to look like, what type, where it should be installed, and any other special instruction?


I hate doing anything with certificates, they always seem to be trouble.


I installed the 4.91 upgrade and it looks good. Created a self-signed certificate and that now works. Everything on the mail server is working properly except it won't accept incoming smtp connections from gmail. It looks like an SSL issue, so I created a certificate request (which also works now, thank you) and purchased a certificate. The Mercury documentation does not quite line up with the certificate provided, and I am having trouble following the instructions. I think some sort of conversion or modification of the certificate may be required in some cases. Also, it is not clear if the old self-signed certificate can remain in place or needs to be revoked or deleted or what. Could we get some clarity on exactly what the purchased certificate needs to look like, what type, where it should be installed, and any other special instruction? I hate doing anything with certificates, they always seem to be trouble.
edited Nov 8 '22 at 5:04 pm

there was a bounce message from googlemail.com:
TLS Negotiation failed: FAILED_PRECONDITION: starttls error (71): 26352731937800:error:1000012esmileSL routines:OPENSSL_internal:KEY_USAGE_BIT_INCORRECT:third_party/openssl/boringssl/src/ssl/ssl_cert.cc:607


Is the Key_usage_bit set in Mercury or in the certificate?
I have also tried a purchased certificate; it had the same problem.


there was a bounce message from googlemail.com: TLS Negotiation failed: FAILED_PRECONDITION: starttls error (71): 26352731937800:error:1000012e:SSL routines:OPENSSL_internal:KEY_USAGE_BIT_INCORRECT:third_party/openssl/boringssl/src/ssl/ssl_cert.cc:607 Is the Key_usage_bit set in Mercury or in the certificate? I have also tried a purchased certificate; it had the same problem.
edited Nov 9 '22 at 5:07 pm

maybe we could get some more detail about certificate usage in mercury mail? I went through the help file on this, but it was not terribly informative. For example, the certificate issuer I used issues only ".crt" certs. They claim that is the same as a .pem... but maybe Mercury doesn't see it that way?


i don't know what to do next.


maybe we could get some more detail about certificate usage in mercury mail? I went through the help file on this, but it was not terribly informative. For example, the certificate issuer I used issues only ".crt" certs. They claim that is the same as a .pem... but maybe Mercury doesn't see it that way? i don't know what to do next.
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Pending draft ... Click to resume editing
Discard draft