SSL for mail server

Question

I don't know if I am asking this in the right place. I have an SSL cert for my website, and I am trying to setup a mail server (same domain) using the same cert.

I am using Postfix and Dovecot. When I try logging in from Evolution mail client, I get an error "Peer failed to perform TLS handshake". When I try an online service to verify I get "Recipient address rejected: User unknown in local recipient table."

I guess my actual question is, can I actually use the same SSL cert for my website and my email server?

What do I do to debug next?

Answer 1

You can use a certificate you have for the web server also for your mail server as long as it matches the hostname you use to access your mail server. Of course the certificate need to properly setup at the mail server, i.e. include the necessary intermediate certificates similar to how it is (hopefully) setup on the web server.

I am using Postfix and Dovecot.

This means you need to take care of multiple configurations, both for SMTP in Postfix and IMAP/POP3 (whatever you use) in Dovecot. And in all cases the certificates subject/SAN must match the hostname you use to connect to the server.

When I try logging in from Evolution mail client, I get an error "Peer failed to perform TLS handshake".

There are not enough information about this setup to find out what exactly is causing the TLS error. It is not even clear if the error is caused when retrieving mail (IMAP/POP3, i.e. Dovecot) or while sending (Postfix).

When I try an online service to verify I get "Recipient address rejected: User unknown in local recipient table."

This has nothing to do with TLS at all. The test server simply tried to use a recipient which your mail server (Postfix) will not accept.

What do I do to debug next?

The next steps would probably be to check if the certificate matches the names you use in the first place and to look into log files for error messages or warnings. Following steps depend on what the result of these steps is.