Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 16th June 2006, 20:08
qiu qiu is offline
Member
 
Join Date: Apr 2006
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Smile postfix error

This is from my mail.warn log any ideas how to fix it?


JJun 14 14:01:21 localhost postfix/smtpd[6457]: warning: 216.255.180.18: hostname 216.255.180.18-custblock.intercage.com verification failed: Temporary failure in name resolution
Jun 14 17:20:01 xstation postfix/smtpd[4196]: warning: cannot get certificate from file /etc/postfix/ssl/xstation_4096.net_cert.pem
Jun 14 17:20:01 xstation postfix/smtpd[4196]: warning: TLS library problem: 4196:error:02001002:system library:fopen:No such file or directory:bss_file.c:349:fopen('/etc/postfix/ssl/xstation_4096.net_cert.pem','r'):
Jun 14 17:20:01 xstation postfix/smtpd[4196]: warning: TLS library problem: 4196:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:351:
Jun 14 17:20:01 xstation postfix/smtpd[4196]: warning: TLS library problem: 4196:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:720:


AND in
mail.log

Jun 16 18:57:55 xstation postfix/smtpd[4821]: warning: cannot get certificate from file /etc/postfix/ssl/xstation

_4096.net_cert.pem
Jun 16 18:57:55 xstation postfix/smtpd[4821]: warning: TLS library problem: 4821:error:02001002:system library:fopen:No such file or directory:bss_file.c:349:fopen('/etc/postfix/ssl/xstation_4096.net_cert.pem','r'):
Jun 16 18:57:55 xstation postfix/smtpd[4821]: warning: TLS library problem: 4821:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:351:
Jun 16 18:57:55 xstation postfix/smtpd[4821]: warning: TLS library problem: 4821:error:140DC002:SSL routines:SSL_CTX_use_certificate_chain_file:system lib:ssl_rsa.c:720:
Jun 16 18:57:55 xstation postfix/smtpd[4821]: cannot load RSA certificate and key data
J


thanks
Reply With Quote
Sponsored Links
  #2  
Old 16th June 2006, 20:12
davekeogh davekeogh is offline
Junior Member
 
Join Date: Jun 2006
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Can you verify the dns resolution of the box.
Plus can you also verify that the certificate: /etc/postfix/ssl/xstation_4096.net_cert.pem is actually there, and correct.
Reply With Quote
  #3  
Old 16th June 2006, 23:25
qiu qiu is offline
Member
 
Join Date: Apr 2006
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default postfix error

how to check these points you raised please.
Reply With Quote
  #4  
Old 17th June 2006, 10:51
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,060
Thanks: 826
Thanked 5,395 Times in 4,239 Posts
Default

Quote:
Can you verify the dns resolution of the box.
You may try:

ping -c 3 www.google.com

Quote:
Plus can you also verify that the certificate: /etc/postfix/ssl/xstation_4096.net_cert.pem is actually there, and correct.
Please post the output of:

ls -la /etc/postfix/ssl/
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 17th June 2006, 17:02
qiu qiu is offline
Member
 
Join Date: Apr 2006
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default postfix error

total 40
drwxr-xr-x 2 root root 4096 2006-06-14 15:57 .
drwxr-xr-x 4 root root 4096 2006-06-14 15:59 ..
-rw-r--r-- 1 root root 1277 2006-06-08 14:26 cacert.pem
-rw-r--r-- 1 root root 993 2006-06-14 12:35 cacert.pem_orig
-rw-r--r-- 1 root root 963 2006-06-14 12:35 cakey.pem
-rw-r--r-- 1 root root 757 2006-06-14 12:34 smtpd.crt
-rw-r--r-- 1 root root 603 2006-06-14 12:34 smtpd.csr
-rw-r--r-- 1 root root 887 2006-06-14 12:35 smtpd.key
-rw-r--r-- 1 root root 3738 2006-06-08 14:26 xstation.4096.net_cert.pem
-rw-r--r-- 1 root root 1611 2006-06-08 14:26 xstation.4096.net_req.pem

:~$ ping -c 3 www.gogle.com
PING www.l.google.com (216.239.59.99) 56(84) bytes of data.
64 bytes from 216.239.59.99: icmp_seq=1 ttl=246 time=33.1 ms
64 bytes from 216.239.59.99: icmp_seq=2 ttl=246 time=34.0 ms
64 bytes from 216.239.59.99: icmp_seq=3 ttl=246 time=43.3 ms

--- www.l.google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 33.197/36.866/43.360/4.607 ms




qiu
Reply With Quote
  #6  
Old 18th June 2006, 22:37
davekeogh davekeogh is offline
Junior Member
 
Join Date: Jun 2006
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Look at the error message, postfix is looking for:
/etc/postfix/ssl/xstation_4096.net_cert.pem

And what you have is:
-rw-r--r-- 1 root root 3738 2006-06-08 14:26 xstation.4096.net_cert.pem
-rw-r--r-- 1 root root 1611 2006-06-08 14:26 xstation.4096.net_req.pem

Try copying the certs to the same name as postfix is looking for, or just find the config and change it!
Reply With Quote
  #7  
Old 19th June 2006, 11:43
qiu qiu is offline
Member
 
Join Date: Apr 2006
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default postfix error

In my main.cf file it looks like this

smtpd_tls_cert_file = /etc/postfix/ssl/xstation_4096.net_cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/xstation_4096.net_req.pem

which config file are you refering to.?

qiu
Reply With Quote
  #8  
Old 19th June 2006, 11:53
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,060
Thanks: 826
Thanked 5,395 Times in 4,239 Posts
Default

Quote:
Originally Posted by qiu
In my main.cf file it looks like this

smtpd_tls_cert_file = /etc/postfix/ssl/xstation_4096.net_cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/xstation_4096.net_req.pem

which config file are you refering to.?
Change the lines to:

smtpd_tls_cert_file = /etc/postfix/ssl/xstation.4096.net_cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/xstation.4096.net_req.pem

and restart postfix.

/etc/init.d/postfix restart

Your certificate files where named xstation.4096.net_cert.pem and not xstation_4096.net_cert.pem
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #9  
Old 20th June 2006, 12:15
qiu qiu is offline
Member
 
Join Date: Apr 2006
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
Default postfix error

thankyou Till for your assistance seems to be ok now.

qiu
Reply With Quote
  #10  
Old 21st June 2006, 13:40
qiu qiu is offline
Member
 
Join Date: Apr 2006
Posts: 51
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default postfix error

thanks foe your assistance on my previous post .

i tried o see if tls was working and got this reply.


~$ telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain.
Escape character is '^]'.
220 xstation.4096.net ESMTP Postfix (Ubuntu)
echo localhost
502 Error: command not implemented
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring IPTABLES firewall adityavpratap HOWTO-Related Questions 9 27th May 2006 21:42
Frustrated with ISPConfig install! woozyerdaddee Installation/Configuration 4 19th May 2006 03:38
Fresh Install on Debian cksrealm Installation/Configuration 12 22nd February 2006 16:14
Installation Fails... :( cyberstorm Installation/Configuration 1 15th January 2006 18:07
Install stop at uuwish, UUDeview SeaWolf Installation/Configuration 6 4th October 2005 23:53


All times are GMT +2. The time now is 16:24.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.