Hello,
I have received notice that some (one sender, specifically) outside email is failing. I checked the logs and see TLS/SSL errors:
Feb 13 11:49:42 spam postfix/smtpd[4538]: connect from foo.domain.org
Feb 13 11:49:42 spam postfix/smtpd[4538]: setting up TLS connection from foo.domain.org
Feb 13 11:49:42 spam postfix/smtpd[4538]: SSL_accept error from foo.domain.org
Feb 13 11:49:42 spam postfix/smtpd[4538]: warning: TLS library problem: 4538:error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:s3_pkt.c:1259:SSL alert number 46:
Feb 13 11:49:42 spam postfix/smtpd[4538]: lost connection after STARTTLS from foo.domain.org
I am researching this error now but if there is a known solution please advise. I am running latest version (3.0.8)
Thanks,
Aaron
TLS/SSL errors
-
shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: TLS/SSL errors
Looks like the remote party is using a self-signed or otherwise untrusted cert...
-
shawniverson
- Posts: 3783
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: TLS/SSL errors
Also, because of security, SSLv3 is off...
You would need to downgrade your security to allow this connection...
You would need to downgrade your security to allow this connection...
Re: TLS/SSL errors
Shawn,
I am using a self-signed certificate as well. Is the problem with my certificate or theirs? They are running MS Exchange, not sure what version.
Thanks,
Aaron
I am using a self-signed certificate as well. Is the problem with my certificate or theirs? They are running MS Exchange, not sure what version.
Thanks,
Aaron
Re: TLS/SSL errors
To check your own or other certs try https://ssl-tools.net/