Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions
Reload this Page Virtual Users And Domains With Postfix, Courier And MySQL - TLS not working
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 17th April 2008, 09:31
c4rdinal c4rdinal is offline
Member
  
Join Date: Mar 2008
Posts: 78
Thanks: 0
Thanked 0 Times in 0 Posts
Default Virtual Users And Domains With Postfix, Courier And MySQL - TLS not working
Hi,

I noticed that TLS is not working:

telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.com ESMTP Postfix
ehlo localhost
250-mail.domain.com
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN


I cannot find STARTTLS.

/var/log/mail.log indicates:

Apr 17 22:41:35 mail postfix/smtpd[4679]: connect from localhost[127.0.0.1]
Apr 17 22:46:35 mail postfix/smtpd[4679]: SSL_accept error from localhost[127.0.0.1]: -1
Apr 17 22:46:35 mail postfix/smtpd[4679]: lost connection after STARTTLS from localhost[127.0.0.1]

mail:/etc/postfix/ssl# openssl s_client -connect localhost:25 -starttls smtp
CONNECTED(00000003)
5480:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:


What could be the problem?

TIA
Last edited by c4rdinal; 17th April 2008 at 09:41.
Reply With Quote
Sponsored Links
  #2  
Old 17th April 2008, 10:13
topdog topdog is offline
Senior Member
  
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 148 Times in 145 Posts
Default
handshake failure is usually a problem with the certificates, check the postfix logs for that particular time should get some indication of what is wrong
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #3  
Old 17th April 2008, 10:20
c4rdinal c4rdinal is offline
Member
  
Join Date: Mar 2008
Posts: 78
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Quote:
Originally Posted by topdog
handshake failure is usually a problem with the certificates, check the postfix logs for that particular time should get some indication of what is wrong

Postfix logs:

#/var/log/mail.log

Apr 17 22:41:35 mail postfix/smtpd[4679]: connect from localhost[127.0.0.1]
Apr 17 22:46:35 mail postfix/smtpd[4679]: SSL_accept error from localhost[127.0.0.1]: -1
Apr 17 22:46:35 mail postfix/smtpd[4679]: lost connection after STARTTLS from localhost[127.0.0.1]

# netstat -ntlp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:55555 0.0.0.0:* LISTEN 2106/perl
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 1990/mysqld
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1664/portmap
tcp 0 0 0.0.0.0:2416 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:2801 0.0.0.0:* LISTEN 2426/rpc.statd
tcp 0 0 0.0.0.0:113 0.0.0.0:* LISTEN 2279/inetd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 2106/perl
tcp 0 0 0.0.0.0:125 0.0.0.0:* LISTEN 5436/master
tcp6 0 0 :::993 :::* LISTEN 4524/couriertcpd
tcp6 0 0 :::995 :::* LISTEN 4414/couriertcpd
tcp6 0 0 :::110 :::* LISTEN 4366/couriertcpd
tcp6 0 0 :::143 :::* LISTEN 4486/couriertcpd
tcp6 0 0 :::80 :::* LISTEN 2465/apache2
tcp6 0 0 :::22 :::* LISTEN 2370/sshd
tcp6 0 0 :::125 :::* LISTEN 5436/master
Reply With Quote
  #4  
Old 17th April 2008, 10:23
topdog topdog is offline
Senior Member
  
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 148 Times in 145 Posts
Default
Are you sure that is all that is being logged ?
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #5  
Old 17th April 2008, 10:35
c4rdinal c4rdinal is offline
Member
  
Join Date: Mar 2008
Posts: 78
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Quote:
Originally Posted by topdog
Are you sure that is all that is being logged ?
Yes, that's all you can see as far as the command:

# openssl s_client -connect localhost:25 -starttls smtp
CONNECTED(00000003)
5480:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

Postfix Logs: /var/log/mail.log

Apr 17 22:41:35 mail postfix/smtpd[4679]: connect from localhost[127.0.0.1]
Apr 17 22:46:35 mail postfix/smtpd[4679]: SSL_accept error from localhost[127.0.0.1]: -1
Apr 17 22:46:35 mail postfix/smtpd[4679]: lost connection after STARTTLS from localhost[127.0.0.1]

#telnet localhost 25

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.com ESMTP Postfix
ehlo domain.com
250-mail.domain.com
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye


Postfix Logs: /var/log/mail.log

Apr 18 00:25:34 mail postfix/smtpd[5615]: connect from localhost[127.0.0.1]
Apr 18 00:26:02 mailpostfix/smtpd[5615]: disconnect from localhost[127.0.0.1]
Apr 18 00:29:46 mail postfix/smtpd[5618]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
Apr 18 00:29:46 mail postfix/smtpd[5618]: connect from localhost[127.0.0.1]
qApr 18 00:30:04 mail postfix/smtpd[5618]: disconnect from localhost[127.0.0.1]
Reply With Quote
  #6  
Old 17th April 2008, 10:38
topdog topdog is offline
Senior Member
  
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 148 Times in 145 Posts
Default
What of syslog ?
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #7  
Old 27th April 2008, 19:20
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,685
Thanks: 1,899
Thanked 2,599 Times in 2,448 Posts
Default
Can you re-do chapter 5 from http://www.howtoforge.com/virtual_us...debian_etch_p2 ?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 29th April 2008, 01:44
c4rdinal c4rdinal is offline
Member
  
Join Date: Mar 2008
Posts: 78
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Hi Falko,

redoing chap. 5 didn't do anything. Same problem.

Maybe, I should reinstall and redo everything from scratch.

Thank you so much for your support.
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Virtual Users And Domains With Postfix, Courier And MySQL Secondary MX acoghlan HOWTO-Related Questions 1 8th March 2008 05:02
Virtual Users And Domains With Postfix, Courier And MySQL [+ procmail ?] immobilia HOWTO-Related Questions 5 29th June 2006 23:20
Virtual Users And Domains With Postfix, Courier And MySQL (+ SMTP-AUTH, Quota, SpamAs mholownych HOWTO-Related Questions 10 29th May 2006 03:39
Virtual Users And Domains With Postfix, Courier And MySQL - "apt-get" and Courier burritonator HOWTO-Related Questions 3 15th March 2006 20:11
Problem with Virtual Users And Domains With Postfix, Courier And MySQL Howto fenix Server Operation 4 11th March 2006 02:53


All times are GMT +2. The time now is 17:54.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.