Let's Encrypt stopped renewing certificate with Error Unable to create a new order. Error creating new order :: Cannot issue for "mta-sts.": Domain name ends in a dot
MTA-STS Enabled: Yes
Configuration Steps: Step 1: Enable STARTTLS for SMTP Completed Your Xeams configured to use STARTTLS.
Step 2: Publish mta-sts.txt Completed Xeams is configured to respond to https : / / mta-sts.BLAH.net / .well-known /mta-sts.txt, which will display the STS policy for BLAH.net
Step 3: Add a TXT record in your DNS server for _mta-sts.BLAH.net Completed A TXT record is correctly published for _mta-sts.BLAH.net.
Step 4: Add a TXT record in your DNS server for TLS-Reporting Completed A TXT record is correctly published for _smtp._tls.BLAH.net.
The STS-Policy for is set to the following text. version: STSv1 mode: testing max_age: 604800
These following are just statements, howerver mta-sts.BLAH.net does appear in my DNS.
DNS Changes for mta-sts. The hostname mta-sts. does not exist in your DNS server.
Steps: You can either add an A record for mta-sts. pointing to the public IP address (X.X.X.X) of Xeams, OR Add a CNAME record pointing to the A record (xeams.BLAH.net) where this server is running.
Add a new TXT record in your DNS server with the following values: Hostname: _mta-sts. Value: v=STSv1; id=20240404T010101;
Add a new TXT record in your DNS server with the following values: Hostname: _smtp._tls. Value: v=TLSRPTv1; rua=mailto:tlsrpt@
|