Postfix 'tlsv1 alert unknown ca'


I've figured it out :). As expected, it turned out to be as simple as possible...

My cert wasn't readable by openssl; after adding a link named as the cert hash to /etc/ssl/certs/, everything works like a charm.


Author: ittb

Updated on September 18, 2022
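
As an added illustration (not part of the original answer or thread), the fix described in the answer can be reproduced in a scratch directory: OpenSSL finds a trusted certificate in a CApath directory only under a name of the form `<subject hash>.N`. The subject `mail.example.test`, the temporary paths and the helper names `fingerprint`, `link_cert_by_hash` and `demo` are assumptions made for this example.

```shell
#!/bin/sh
# Added example: make a certificate findable in an OpenSSL hashed directory.
# All paths live under a temporary directory; nothing in /etc/ssl is touched.

# fingerprint CERT: SHA-256 fingerprint, used to spot an existing link.
fingerprint() { openssl x509 -noout -fingerprint -sha256 -in "$1"; }

# link_cert_by_hash CERT DIR: create DIR/<subject_hash>.N -> CERT and print
# the link name. CERT should be an absolute path so the symlink resolves.
link_cert_by_hash() {
    cert=$1; dir=$2
    [ -r "$cert" ] || { echo "not readable: $cert" >&2; return 1; }
    hash=$(openssl x509 -noout -subject_hash -in "$cert") || return 1
    n=0
    # Certificates with the same subject share a hash; take the first free N.
    while [ -e "$dir/$hash.$n" ]; do
        if [ "$(fingerprint "$dir/$hash.$n")" = "$(fingerprint "$cert")" ]; then
            echo "$hash.$n"; return 0      # already installed
        fi
        n=$((n + 1))
    done
    ln -s "$cert" "$dir/$hash.$n" && echo "$hash.$n"
}

# demo: verify a constructed self-signed cert before and after linking it.
# Prints "<before> <after> <number of links>", expected "fail ok 1".
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/certs"
    # Constructed test certificate (subject is an assumption for the example).
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=mail.example.test" \
        -keyout "$tmp/key.pem" -out "$tmp/cert.pem" 2>/dev/null || return 1
    check() { openssl verify -CApath "$tmp/certs" "$tmp/cert.pem" >/dev/null 2>&1; }
    if check; then before=ok; else before=fail; fi   # unknown CA at this point
    link_cert_by_hash "$tmp/cert.pem" "$tmp/certs" >/dev/null
    link_cert_by_hash "$tmp/cert.pem" "$tmp/certs" >/dev/null   # idempotent
    if check; then after=ok; else after=fail; fi
    links=$(ls "$tmp/certs" | wc -l | tr -d ' ')
    rm -rf "$tmp"
    echo "$before $after $links"
}

demo
```

On Debian the same links are normally maintained by `update-ca-certificates` or `c_rehash` rather than by hand.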

Comments

  • ittb
    ittb over 1 year

    I have a VPS (server A) and hosting (server B). On server A, I've set up a mail server (debian, postfix, dovecot, postfixadmin and roundcube, self-signed cert, TLS only auth) which works fine:

    • I can send and receive messages logged via roundcube,
    • I can send and receive messages from post client (eg thunderbird),
    • I can send emails from website on my local machine,
    • I can send emails from website hosted on server B (symfony2/swiftmailer).

    The problem is that it's impossible to send emails from the website (an exact copy of the original website from server B) hosted on server A (same as the mail server). I get the following messages in the log:

    Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: connect from domain[ip]
    Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: SSL_accept error from domain[ip]: 0
    Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: warning: TLS library problem: 3107:error:14094418:SSL rutines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1258:SSL alert number 48:
    Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: lost connection after STARTTLS from domain[ip]
    Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: disconnect from domain[ip]

    Any ideas what to do with this?

    • sebix
      sebix over 9 years
      Apparently your server B is configured to only set up encrypted connections to servers providing a certificate with a CA in your trust chain. So either add an exception, import the CA or configure your setup in another way.
  • Hasanuzzaman Sattar
    Hasanuzzaman Sattar over 2 years
    Could you please elaborate on your answer? I am facing the same problem.