Joe Sloan wrote:
Jim Flanagan wrote:
The actual IP address was an internal 192.168.xx.xx address, local lan. Not from the email server box, but a separate box on the lan. I can connect and send using plain connection, but it fails using TLS. Both on port 25.
LOL, there's no need to obscure 192.168. addresses since there is absolutely no way to tell which internal lan, out of the many millions on the planet, they might belong to.
I have postfix and sasl to auth via plan text. Again this is working fine. without TLS. I'm trying to obfuscate the connection with TLS, still using plain text, only inside the TLS connection.
All this leads me to beleive the problem is a cert issue.
Are there messages to that effect in /var/log/mail? Surely postfix will log something of interest in connection with the failure, feel free to share excerpts from syslog.
Here is an excerpt from /var/log/mail
May 20 20:59:55 cammee postfix/smtpd[30058]: warning: cannot get private
key from file /etc/postfix/ssl/smtpd.crt
May 20 20:59:55 cammee postfix/smtpd[30058]: warning: TLS library
problem: 30058:error:0906D06C:PEM routines:PEM_read_bio:no start
line:pem_lib.c:647:Expecting: ANY PRIVATE KEY:
May 20 20:59:55 cammee postfix/smtpd[30058]: warning: TLS library
problem: 30058:error:140B0009:SSL
routines:SSL_CTX_use_PrivateKey_file:PEM lib:ssl_rsa.c:669:
May 20 20:59:55 cammee postfix/smtpd[30058]: cannot load RSA certificate
and key data
Here is another that I really don't understand. I'm relaying thru my
ISP, but why would my cert be passed on to them?
May 20 21:00:18 cammee postfix/smtp[30055]: ADBF58BC9B:
to=