Email SSL problem

I don't know how dovecot will react. But I wonder why you want it like that? Because you have configured the cert/key files, so at that moment you could check if it should be configured like that? (yourself or programmatically if you are working with that).

Thank you for the suggestion. I have decided to go with your solution. When another IP address is added to the server I will manually insert them in the files.

But I still have one other problem.
I have several users on the VPS server, with 8 IP addresses configured.
Some of the IPs are shared and some are owned.

For the shared IPs I've copied exim.cert and exim.key into each IP's cert and key file.

123.123.123.123.cert (copy of exim.cert)
123.123.123.123.key (copy of exim.key)
456.456.456.456.cert (copy of exim.cert)
456.456.456.456.key (copy of exim.key)
789.789.789.789.cert (SSL certificate from vendor)
789.789.789.789.key (Key generated by DA)
Etc.

When I do a check on http://www.digicert.com/help on mail.domain.com The result is ok.
When I check it with the ports added the results are:
mail.domain.com:995 - Results OK
mail.domain.com:993 - Almost OK except for - (SSL Certificate is not trusted)
mail.domain.com:465 - Results OK
mail.domain.com:25 - Almost OK except for - (SSL Certificate is not trusted)
mail.domain.com:587 - No certificates found

I've added the CA root certificate in DA (User->SSL->"click here to paste a CA Root Certificate"), but I don't know what is going wrong.
This is driving me mad!

I hope you can point me in the right direction.
 
Many thanks, we've added the CA Root certificates to every "ip-address.cert" and it works perfectly!
After adding the digicert.com IP to the firewall safelist we could also check this. ;-)
 
Oops, I don't know what happened. My certs expired so I went to load new ones, and now things are all a mess.

I was hoping somebody has experienced this:

SSL is working for the websites, but email is not. I get (from outlook) the following error:

Log onto incoming mail server (POP3): Your server does not support the connection encryption type you have specified. Try changing the encryption method. Contact your mail server administrator or internet service provider (ISP) for additional assistance

Send test email message: Establishing an encrypted connection to your outgoing (SMTP) server failed. If this problem continues, contact your server administrator or internet service provider (ISP)
When I try IMAP it is the same.
 
I suppose you can try some debugging and info gathering:

Check if you see anything with openssl s_client -connect your.ip.address.here:993 (maybe paste the output if you don't know)

And check /etc/dovecot.conf

And maybe you have multiple certificates (chained?)
 
It gives me this:

openssl s_client -connect mail.pressurewasher.net:993
CONNECTED(00000003)
139687432210248:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 112 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---


EDIT: P.S. I really appreciate your help. I am in bed sick, and trying to figure this out. Probably something silly I am missing because I am sick and not thinking clearly.
 
@donkeyKICK, did you remember to add the certificates to /etc/exim.cert and the server.key to /etc/exim.key and then restart exim and dovecot?
 
I'm using the symlink to the cert and key in the users:

In exim.conf:
#EDIT#23:
#tls_certificate = /etc/exim.cert
#tls_privatekey = /etc/exim.key
#Edit by dan (from what was above to what is below)
tls_certificate = /etc/$received_ip_address.cert
tls_privatekey = /etc/$received_ip_address.key
tls_require_ciphers = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
tls_advertise_hosts = *
#auth_over_tls_hosts = *


In /etc:
199.58.166.4.cert -> /usr/local/directadmin/data/users/cssadmin/domains/pressurewasher.net.cert
199.58.166.4.key -> /usr/local/directadmin/data/users/cssadmin/domains/pressurewasher.net.key

I should mention, I had a typo, rebooted the server, and now it works for incoming (993 and 995) but not outgoing (except for 25). Better, but I am obviously missing something.

After typo fixed:

openssl s_client -connect mail.pressurewasher.net:993
CONNECTED(00000003)
depth=0 C = US, ST = California, L = El Cajon, O = Cleaning System Specialists, OU = pressurewasher.net, CN = *.pressurewasher.net, emailAddress = [email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = California, L = El Cajon, O = Cleaning System Specialists, OU = pressurewasher.net, CN = *.pressurewasher.net, emailAddress = [email protected]
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
i:/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIID+jCCAuICCQCVKL46p9EUqjANBgkqhkiG9w0BAQUFADCBvjELMAkGA1UEBhMC
VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCEVsIENham9uMSQwIgYD
VQQKExtDbGVhbmluZyBTeXN0ZW0gU3BlY2lhbGlzdHMxGzAZBgNVBAsTEnByZXNz
dXJld2FzaGVyLm5ldDEdMBsGA1UEAxQUKi5wcmVzc3VyZXdhc2hlci5uZXQxJTAj
BgkqhkiG9w0BCQEWFmNzc0BwcmVzc3VyZXdhc2hlci5uZXQwHhcNMTQwMTAzMDYx
NTUyWhcNMTUwMTAzMDYxNTUyWjCBvjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
[... remainder of certificate body truncated ...]
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
issuer=/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
---
No client certificate CA names sent
---
SSL handshake has read 1868 bytes and written 310 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 1197F4BF6E26509960AD904935862B64CFDC1D6CEFF4C217F9281196A5154396
Session-ID-ctx:
Master-Key: 8F39C9F43437F0CAD05121637616AC79E138FA3968C860DA74684D2890DC163178A338A5181EFBB7ADAB2A13B2D656A4
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket:
0000 - ca 4d 62 51 4e 20 87 a9-91 ae 36 28 e7 ab bf 8c .MbQN ....6(....
0010 - 0c c9 3b 32 b0 f9 d5 85-63 f9 52 e1 bd c2 f5 c4 ..;2....c.R.....
0020 - 12 0d 74 b1 3a d6 1b 17-dd c9 44 0f 03 0a 2c 14 ..t.:.....D...,.
0030 - d3 0b 27 2c b3 e2 1b 74-c2 89 a2 d6 e1 c0 1f 46 ..',...t.......F
0040 - 8f d6 1a 71 18 29 b4 d4-1f 74 30 4f 5d 57 47 7e ...q.)...t0O]WG~
0050 - c2 f3 9a 72 8e 5b 45 f1-53 04 b3 b7 0d b0 aa 88 ...r.[E.S.......
0060 - b6 dc 6a 35 d2 06 89 2c-69 7e f2 02 ad 1e 67 e7 ..j5...,i~....g.
0070 - 1b 92 90 5f 6d 98 2f 6e-56 d5 b4 dc 04 22 85 fa ..._m./nV...."..
0080 - 0c 58 32 48 5a a7 37 35-08 1d 10 35 04 1e 75 09 .X2HZ.75...5..u.
0090 - 68 1a b6 e6 6b 0e c0 f9-a1 93 21 a8 bf 2d 94 45 h...k.....!..-.E
Start Time: 1388790596
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot DA ready.
* BYE Disconnected for inactivity.
closed
 
If I understand you correctly, incoming is dovecot and exim is outgoing (from a client's point of view). It seems then that dovecot is configured correctly, but exim isn't. Maybe since exim uses that $received_ip_address -- you should check which IP address you are connecting to, and then check the ip.address.key/cert files.
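A check for the per-IP certificate files that the tls_certificate = /etc/$received_ip_address.cert setting makes exim load, written as an added example for this thread (it is not code from the posts, from exim or from DirectAdmin). It tests each /etc/<ip>.cert and /etc/<ip>.key pair for the three faults seen above: a key that does not belong to the certificate (the handshake then fails before any certificate is sent), a leaf without its CA chain appended (the "SSL Certificate is not trusted" result that the first poster fixed by pasting the CA root into every ip-address.cert), and an expired certificate. The directory argument, the check_pair and check_all names, and the use of ip -4 -o addr to enumerate the listening addresses are this example's own assumptions.

```shell
#!/bin/sh
# Added example, not from the thread, exim or DirectAdmin: validate every
# <dir>/<ip>.cert + <dir>/<ip>.key pair as exim loads it per connecting IP.

# Check one pair. Prints findings; returns 0 only when the pair is usable.
check_pair() {  # check_pair DIR IP
  dir=$1; ip=$2; cert="$dir/$ip.cert"; key="$dir/$ip.key"; rc=0
  for f in "$cert" "$key"; do
    [ -r "$f" ] || { echo "$ip: cannot read $f (symlink target missing?)"; return 1; }
  done

  # 1. The private key must match the leaf certificate's public key, otherwise
  #    the TLS handshake fails and s_client reports "no peer certificate available".
  cert_pub=$(openssl x509 -in "$cert" -noout -pubkey)
  key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
  if [ -z "$key_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
    echo "$ip: private key does not match certificate"; rc=1
  fi

  # 2. A vendor-signed leaf needs its intermediate/root certificates appended
  #    to the same file (leaf first); a self-signed leaf can never be trusted.
  subject=$(openssl x509 -in "$cert" -noout -subject)
  issuer=$(openssl x509 -in "$cert" -noout -issuer)
  blocks=$(grep -c 'BEGIN CERTIFICATE' "$cert")
  if [ "${subject#subject=}" = "${issuer#issuer=}" ]; then
    echo "$ip: leaf certificate is self-signed"; rc=1
  elif [ "$blocks" -lt 2 ]; then
    echo "$ip: no CA chain appended ($blocks PEM block in file)"; rc=1
  fi

  # 3. Not expired (expiry is what broke the later poster's setup).
  if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null; then
    echo "$ip: certificate has expired"; rc=1
  fi

  [ "$rc" -eq 0 ] && echo "$ip: OK ($blocks certificate(s) in file)"
  return "$rc"
}

# Check the pair for every global IPv4 address on the host; exim resolves
# $received_ip_address per connection, so each listening address needs one.
check_all() {  # check_all DIR
  failed=0
  for ip in $(ip -4 -o addr show scope global | awk '{sub(/\/.*/, "", $4); print $4}'); do
    check_pair "$1" "$ip" || failed=1
  done
  return "$failed"
}

# Usage: sh check-exim-certs.sh /etc   (then restart exim and dovecot)
if [ "$#" -gt 0 ]; then
  check_all "$1"
fi
```

Run it against /etc after loading new certificates; any line other than "OK" names the address whose connections will fail or warn, which is easier than guessing from Outlook's generic error text.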
 
Not really sure how to do that.

I did put the IP directly in to outlook, and same problem.

openssl s_client -connect mail.pressurewasher.net:587 -starttls smtp
CONNECTED(00000003)
depth=0 C = US, ST = California, L = El Cajon, O = Cleaning System Specialists, OU = pressurewasher.net, CN = *.pressurewasher.net, emailAddress = [email protected]
verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = California, L = El Cajon, O = Cleaning System Specialists, OU = pressurewasher.net, CN = *.pressurewasher.net, emailAddress = [email protected]
verify return:1
---
Certificate chain
0 s:/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
i:/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
---
Server certificate
-----BEGIN CERTIFICATE-----
MIID+jCCAuICCQDjxLhk4nng6jANBgkqhkiG9w0BAQUFADCBvjELMAkGA1UEBhMC
VVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCEVsIENham9uMSQwIgYD
VQQKExtDbGVhbmluZyBTeXN0ZW0gU3BlY2lhbGlzdHMxGzAZBgNVBAsTEnByZXNz
dXJld2FzaGVyLm5ldDEdMBsGA1UEAxQUKi5wcmVzc3VyZXdhc2hlci5uZXQxJTAj
BgkqhkiG9w0BCQEWFmNzc0BwcmVzc3VyZXdhc2hlci5uZXQwHhcNMTQwMTA0MDAw
MTM4WhcNMTUwMTA0MDAwMTM4WjCBvjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
bGlmb3JuaWExETAPBgNVBAcTCEVsIENham9uMSQwIgYDVQQKExtDbGVhbmluZyBT
eXN0ZW0gU3BlY2lhbGlzdHMxGzAZBgNVBAsTEnByZXNzdXJld2FzaGVyLm5ldDEd
MBsGA1UEAxQUKi5wcmVzc3VyZXdhc2hlci5uZXQxJTAjBgkqhkiG9w0BCQEWFmNz
c0BwcmVzc3VyZXdhc2hlci5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC51eTZBJ+PyJiQTWzl7p9OUhjIzf1E3tdCx92PJevc92RaQupNM+SkT6PM
BCxRlwwZH++ByZ/3fbiwFXIczpldRalACm0XX3QMUxGTQEcoarcq5FbU+jDFd+oX
MW0GKIjH+t4YvrjyaCFT1uJJrw14gCbTHjVw3OQvsbIETiWSEjgDHSCG0CoAi2Fj
JE24yRoWLRLZNeKmi3kr2SKlpxRuHWn4drk4Vx9bOhGOlayCg1Fw10dh/uRdeLFQ
AMFAabDfSURIotWAiqbMUlH90FQgLkAT5Rd0Nc/zIZU7Scp+xnz3QUj5sRWnoLbk
sv1IfDZqFj1O0pu/UHZ1SSJuHV25AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAFy8
JMHerTLzMj1rGo/JuSKfWdgYsS/kEcsxdkS4iAQ9jPW8M6aI0DPfNLLd+k40D/VQ
mzbjgfM+1sn0grvrOClc5h/CKZu4ZmTGYqXKjSSMfoe5xtqVxgvpqHAFvIcN25oM
g5PsSmAQXrmXpefl94uP8eivWmga6oWFtMBu/SlHXcPYzXIsu2YyNA3UghePm4/7
a7LeiEUvMFtHmIzaJE7R3w4HnKbzcZ2sYGGHnzSaF9Z86HMyrlY8x51n5878McJu
R7yu0QlYV+zgIUeT3DRDblR++ckGhiCiyCYQiRTtcxOyH/zLognWZNSGQfs12vm9
uuXOZaYfWZbr3mjTD4o=
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
issuer=/C=US/ST=California/L=El Cajon/O=Cleaning System Specialists/OU=pressurewasher.net/CN=*.pressurewasher.net/[email protected]
---
No client certificate CA names sent
---
SSL handshake has read 2633 bytes and written 473 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 421009A42553031607CD36DA03AE66F96BB68E06F38C8570F86A5B2B282BC3D4
Session-ID-ctx:
Master-Key: BB2705159FD2225125FC194AC0C90F49435409D8C550FE56FB10CF39EA39AE4ABFA7F7E356D1A4BB06D65EFFE25CBAA3
Key-Arg : None
Krb5 Principal: None
PSK identity: None
PSK identity hint: None
TLS session ticket:
0000 - 52 c4 d6 b9 5c 33 57 15-9b ee 71 9e 88 dc 1d 84 R...\3W...q.....
0010 - 09 97 b3 9d 4d a8 69 92-d1 42 b4 f8 a9 52 7b 29 ....M.i..B...R{)
0020 - 47 e4 75 60 1c da 01 70-04 65 7a 35 26 ae df 17 G.u`...p.ez5&...
0030 - 33 9c 89 06 c8 41 27 5c-07 d9 46 34 9a f9 42 a7 3....A'\..F4..B.
0040 - 5a 74 e7 87 c7 1a e6 c8-75 64 d6 72 33 c8 d3 97 Zt......ud.r3...
0050 - 60 d3 f7 78 08 53 30 f9-7c 9c 20 ae d3 92 db bd `..x.S0.|. .....
0060 - ec 1f 1a 70 4d 6b 59 08-7f 03 6e f2 84 cb a7 30 ...pMkY...n....0
0070 - 7f ae 42 2d 02 fd 02 5a-b0 e5 98 46 7e cc d1 79 ..B-...Z...F~..y
0080 - 98 7d 2c 33 db bb 9f 5c-94 98 83 3b c4 9f 87 86 .},3...\...;....
0090 - f0 88 bc fc cd ee 09 db-2d b3 1c 59 a3 53 c3 1c ........-..Y.S..
Start Time: 1388797356
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
250 HELP

I should mention that the error has changed to
Send test e-mail message: The server responded: 421 Cannot connect to SMT

One other weird thing... if I set outlook to smtp port 25 with TLS and encryption on, it works, but if I set it on port 25 with SSL and encryption on it fails. Is it actually encrypting using port 25? If so, why not on 587 or 465?
 
Ok, weird, on its own it appears to now work with ssl on 465, however, TLS still does not work. Any advice on how to get that going?
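The openssl s_client checks suggested earlier in the thread and the observation in the last two posts (port 25 works with "TLS" but not "SSL", port 465 works with "SSL" but not "TLS") come down to one distinction: 465, 993 and 995 speak TLS from the first byte (what Outlook's setting calls SSL), while 25 and 587 start in plaintext and upgrade with STARTTLS (what Outlook calls TLS), which is also why s_client needs -starttls smtp on those two ports. The script below is an added example, not from the thread: it probes the five ports with the right arguments and reduces each transcript to one line, so the "no peer certificate available" handshake failure and the "self signed certificate" result are easy to compare across ports. The sample transcripts at the bottom are trimmed copies of the two outputs posted above, embedded so the summariser can be run without network access; the host name argument and the function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the thread: probe the mail ports the posts test
# with openssl s_client and reduce each transcript to a one-line summary.

# s_client arguments per port: implicit-TLS ports connect directly, the
# SMTP/submission ports must negotiate STARTTLS first (a plain
# "-connect host:587" shows no certificate at all).
sclient_args() {
  case "$1" in
    465|993|995) echo "" ;;
    25|587)      echo "-starttls smtp" ;;
    143)         echo "-starttls imap" ;;
    110)         echo "-starttls pop3" ;;
    *)           return 1 ;;
  esac
}

# Reduce an s_client transcript on stdin to one summary line.
summarize() {
  awk '
    /^no peer certificate available/ { nocert = 1 }
    /^New, /                         { cipher = $NF; gsub(/[()]/, "", cipher) }
    /^Verify return code:/           { sub(/^Verify return code: /, ""); verify = $0 }
    END {
      if (nocert) { print "handshake failed: no certificate presented"; exit }
      print "verify=" verify " cipher=" cipher
    }'
}

# Probe one host:port and summarise; </dev/null closes the session right
# after the handshake instead of waiting for interactive input.
probe() {  # probe HOST PORT
  args=$(sclient_args "$2") || { echo "$2: not a mail port this script knows"; return 2; }
  openssl s_client -connect "$1:$2" $args </dev/null 2>&1 | summarize
}

# Constructed samples, trimmed from the two transcripts posted in the thread,
# so the summariser can be exercised without a network connection.
SAMPLE_FAIL=$(cat <<'EOF'
CONNECTED(00000003)
139687432210248:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
---
no peer certificate available
---
New, (NONE), Cipher is (NONE)
EOF
)
SAMPLE_SELFSIGNED=$(cat <<'EOF'
CONNECTED(00000003)
verify error:num=18:self signed certificate
verify return:1
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Verify return code: 18 (self signed certificate)
---
EOF
)

if [ "$#" -gt 0 ]; then
  # Usage: sh probe-mail-tls.sh mail.example.test
  for port in 25 465 587 993 995; do
    printf '%s:%s -> ' "$1" "$port"
    probe "$1" "$port"
  done
else
  # No host given: show what the summariser makes of the embedded samples.
  printf '%s\n' "$SAMPLE_FAIL" | summarize
  printf '%s\n' "$SAMPLE_SELFSIGNED" | summarize
fi
```

A "verify=0 (ok)" line on every port is the target; "verify=18" or "verify=21" on one port means that port's certificate file lacks a trusted chain, and a "handshake failed" line points at a key/certificate mismatch or a port that is not offering TLS at all.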
 