I tried to configure Postfix and TLS, but got lost connection messages:
postfix/smtpd[22661] disconnect from mail-ej1-f53.google.com[209.85.218.53] ehlo=1 starttls=0/1 commands=1/2
postfix/smtpd[22661] lost connection after STARTTLS from mail-ej1-f53.google.com[209.85.218.53]
postfix/smtpd[22661] connect from mail-ej1-f53.google.com[209.85.218.53]
Messages sent from Gmail got the info: 454 4.7.0 TLS not available due to local problem
I think it's an issue by the certificate, but I can't find info, how to configure right.
You can see which certificate postfix is using with:
openssl s_client -debug -starttls smtp -crlf -connect firewall:25 > postfix.txt
replace 'firewall' with the hostname or IP address of your firewall. You should get a 2xx reply (e.g. 250 chunking).
You could go through a full SMTP conversation, but if you only want to know the cert, just type quit and examine the text file.
Bart...
Hi Bart,
thank you. It seems, that we had problems with the Let's Encrypt certificate. I used another certificate and since then it works.
Ralf
In my case I had to reload and re-select my ROOT CA chain within the Postfix configuration. The odd part is that the root CA cert I re-uploaded had the same serial numbers etc... A bit of a head scratcher but it got it all going....