K9 Mail One Cert for All Domains Postfix & Dovecot

Howdy folks,

I have a Mail Server i host for my personal email as well as business for myself and parents however I have one Certificate for all Domains,


and so on but this K9 App doesn’t seem to like the Certificate when it updates i had to tell the App to use it, would anyone have any ideas ? my old phone never had this issue as it had a option for Accept all Certs in the built in app my new phone doesn’t have a built in mail app, but the K9 Mail doesn’t have Accept all Certificates. Or would it he possible to have it added as a feature?



Sounds like you’re using a self-signed certificate. Why don’t you use a free certificate by a trusted certificate authority, e.g. Let’s Encrypt?

Automatically accepting all certificates is not a feature. It’s a security bug.

1 Like


I am using a Lets Encrypt Cert for all the domains. I have all Domains in one Cert but K9 Mail hates it works with everything else tho. K9 Mail shows the Cert but it says it goes against the Domain, Here is the output from Certbot.

Found the following certs:
  Certificate Name: mailcert
    Domains: mail.bamfords mail.kkeng mail.violet
    Expiry Date: 2022-04-16 19:25:39+00:00 (VALID: 74 days)
    Certificate Path: /etc/letsencrypt/live/mailcert/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/mailcert/privkey.pem


I would suggest splitting certificates for different domains (not subdomains!) to different certificate files as you will have problems if your client runs into SNI denial…

I assume K-9 calls the IP after DNS lookup and tells the servers once after handshake which server (i.e. domain) it is looking for. After that, it ignores or doesn’t understand the SNI response…?

K-9 Mail checks the certificate against the server name entered under Settings → [Account] → Fetching mail → Incoming server → IMAP/POP3 server and Settings → [Account] → Sending mail → Outgoing server → SMTP server. Make sure those names match one in the server certificate.

If that doesn’t help, please post the exact error message K-9 Mail is displaying (or a screenshot).


Yes i see the problem now the Cert on the Mail Server has the hostname of mail but the app connects via smtp. and imap. they are missing from the Cert. Adding smtp and imap will fix the problem i guess.