How to set up TLS on hMailServer?

Solution 1:

Either you or the CA had to create a private/public key pair, before the CA signed the public key. You need the private key in order to decrypt the TLS traffic.

If you created the key pair, then you have the private key file. If the CA created it, then they have it and you need to get it from them.

Solution 2:

You've got Yourself a SSL certificate for your domain, I think you have exported certificate without private key. A ".cert" (or ".cer" or ".crt") file usually contains a single certificate, alone and without any wrapping (no private key, no password protection, just the certificate).

Ex- Some CAs store the certificate's private key in a Private Key (.pvk) file and store the certificate and public key in a .spc or .cer file. ".pfx" file contains a certificate (possibly with its assorted set of CA certificates) and the corresponding private key.

Use bellow

• Choose Yes, export the private key and include all certificates in certificate path if possible.

Warning: Do not select the delete private key option.

The .pfx file is now saved to the location you selected. --> Go To hMailServer Adminisrator --> Select Settings --> Advanced Option --> SSL certificates

• Name Give Any name
• Certificate file-C:\Users\Administrator\Desktop\certificate.pfx
• Private key file-C:\Users\Administrator\Desktop\certificate.pfx

A ".pfx" file is a PKCS#12 archive: a bag which can contain a lot of objects with optional password protection; but, usually, a PKCS#12 archive contains a certificate (possibly with its assorted set of CA certificates) and the corresponding private key. https://www.digicert.com/ssl-support/pfx-import-export-iis-7.htm