SMTP starttls certificate error

bfaler · May 21, 2025, 4:40pm

I’m pretty sure I’m missing something obvious here.. but I’ve got vaultwarden set up using an SSL certificate (not self signed) using Caddy - Web Vault is working fine, but I’m having trouble getting SMTP work unless I turn off starttls.

Whenever I try to send a test message I get the following: SMTP error: Connection error: Connection error: error: 0A000086:SSL routines:tls_post_process_server_certificate:certificate verify failed:…/ssl/statem/statem_clnt.c:1889: (self-signed certificate)

I’m guessing the problem is the SMTP connection is trying to use a self signed certificate rather than my actual one? Again, I can make it work if I turn off Secure SMTP - which honestly is probably OK in my case as my SMTP server is on my local network.. but I feel like I am missing something obvious here.

Can anyone offer any suggestions or point out what I am doing wrong here?

bfaler · May 27, 2025, 8:21pm

A little update here in case anyone else runs into this. The problem is apparently NOT vaultwarden at all, but the SSL certificate assigned the receive connector on my Exchange server.

I found some information here about how to assign a certificate to individual connectors, and now vaultwarden is able to send email using starttls:

Topic		Replies	Views
SMTP does not work Help	1	1543	August 18, 2022
SMTP Config Help needed Help	2	173	March 3, 2025
Vaultwarden Office365 SMTP Relay Configuration Help	4	1407	April 17, 2024
SMTP Configuration Help	2	583	January 6, 2025
Unable to send SMTP message with Exchange Help	0	472	November 24, 2022

SMTP starttls certificate error

Related topics