[BlueOnyx:22473] TLS/SSL not work after install letsencrypt.org cert.
Mon Chan
mon.chan at gmail.com
Tue Nov 6 23:43:49 -05 2018
Hi
We planing buy to cert for BX5207R (Centos 6.5/32Bit) and install the new
cert to test, the cert register at www.sslforfree.com(letsencrypt.org)
BX admin and dovecot is success install the cert.
But the sendmail TLS/SSL services is NOT working. and show the error at
below.(465 and 587 is same error.)
and we just update sendmail.mc and make all after edit.
Anyone can help this issue?
### We just update this three line , make all still not worling
define(`confCACERT',`/usr/share/ssl/certs/server.ca')
define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.crt')
define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.key')
###
##
LOCAL_CONFIG
O CipherList=HIGH:!ADH
O DHParameters=/etc/pki/tls/certs/dhparams.pem
O ServerSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3
+SSL_OP_CIPHER_SERVER_PREFERENCE
O ClientSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3
This is the error.
[root at mail ~]# openssl s_client -showcerts -connect mail.xxxx.hk:587
CONNECTED(00000003)
3077637868:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
protocol:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 247 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20181107/d730ebc3/attachment.html>
More information about the Blueonyx
mailing list