- Plesk for Linux
Outgoing mail delivery to Gmail (or other server which has SSL enabled and configured with valid certificate) accounts fails with error in
from=<firstname.lastname@example.org>, size=666, nrcpt=1 (queue active)
certificate verification failed for gmail-smtp-in.l.google.com: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority
There may be another address of Gmail's SMTP server, like
. This solution is valid for any cases where messages contain
Certificate Authority (CA) certificate is missing in
The server does not trust valid CAs.
Make sure that file
/etc/pki/tls/certs/ca-bundle.crtexists (it contains information about valid CAs).
Update OpenSSL package if possible in order to get fresh version of CA bundle.
/etc/postfix/main.cffile as shown below:
# grep smtp_tls_CAfile /etc/postfix/main.cf
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
Restart postfix daemon to apply the changes:
# /etc/init.d/postfix restart
Stopping postfix: [ OK ]
Starting postfix: [ OK ]