Problems using Postfix and TLS

Started by RalfOE, May 03, 2022, 09:03:43 AM

I tried to configure Postfix and TLS, but got lost connection messages:

postfix/smtpd[22661]   disconnect from mail-ej1-f53.google.com[209.85.218.53] ehlo=1 starttls=0/1 commands=1/2   
postfix/smtpd[22661]   lost connection after STARTTLS from mail-ej1-f53.google.com[209.85.218.53]   
postfix/smtpd[22661]   connect from mail-ej1-f53.google.com[209.85.218.53]

Messages sent from Gmail got the info: 454 4.7.0 TLS not available due to local problem

I think it's an issue with the certificate, but I can't find information on how to configure it correctly.
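
The `starttls=0/1` counter in the log lines above can be tallied per client to see whether STARTTLS fails for every sender or only for one. This is an added example, not part of the original posts; the function names and the sample log (documentation hostnames and addresses) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. In Postfix smtpd "disconnect" lines,
# "starttls=0/1" means 0 of 1 STARTTLS commands succeeded.

# Constructed sample log, modelled on the lines quoted in the first post.
sample_log() {
cat <<'EOF'
May  3 09:00:01 fw postfix/smtpd[22661]: connect from mx1.example.net[192.0.2.10]
May  3 09:00:01 fw postfix/smtpd[22661]: lost connection after STARTTLS from mx1.example.net[192.0.2.10]
May  3 09:00:01 fw postfix/smtpd[22661]: disconnect from mx1.example.net[192.0.2.10] ehlo=1 starttls=0/1 commands=1/2
May  3 09:05:12 fw postfix/smtpd[22670]: disconnect from mx1.example.net[192.0.2.10] ehlo=1 starttls=0/1 commands=1/2
May  3 09:06:40 fw postfix/smtpd[22671]: disconnect from mx2.example.org[198.51.100.7] ehlo=1 starttls=0/1 commands=1/2
May  3 09:07:00 fw postfix/smtpd[22672]: disconnect from relay.example.com[203.0.113.5] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
EOF
}

# Reads log lines on stdin; prints "<failed> <attempts> <client>" for every
# client that sent STARTTLS, worst first.
starttls_summary() {
  awk '
    /postfix\/smtpd\[[0-9]+\]/ {
      # Locate "disconnect from <client>"; skip lines that lack it.
      for (i = 1; i < NF; i++)
        if ($i == "disconnect" && $(i + 1) == "from") break
      if (i >= NF) next
      client = $(i + 2)
      for (j = i + 3; j <= NF; j++)
        if ($j ~ /^starttls=/) {
          # "starttls=1" is all-success; "starttls=0/1" is success/total.
          n = split(substr($j, 10), p, "/")
          ok = p[1] + 0
          total = (n > 1) ? p[2] + 0 : ok
          att[client] += total
          bad[client] += total - ok
        }
    }
    END { for (c in att) print bad[c] + 0, att[c], c }
  ' | sort -k1,1nr -k3,3
}

# Succeeds when STARTTLS was attempted and failed for every client, which
# points at the server side (certificate, key, chain) rather than one peer.
starttls_all_failed() {
  starttls_summary | awk '{ b += $1; a += $2 } END { exit !(a > 0 && a == b) }'
}

sample_log | starttls_summary
```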

You can see which certificate postfix is using with:

openssl s_client -debug -starttls smtp -crlf -connect firewall:25 > postfix.txt

Replace 'firewall' with the hostname or IP address of your firewall. You should get a 2xx reply (e.g. 250 chunking).

You could go through a full SMTP conversation, but if you only want to know the cert, just type quit and examine the text file.

Bart...

Hi Bart,

Thank you. It seems that we had problems with the Let's Encrypt certificate. I used another certificate and since then it works.

Ralf

In my case I had to reload and re-select my ROOT CA chain within the Postfix configuration. The odd part is that the root CA cert I re-uploaded had the same serial numbers etc. A bit of a head scratcher, but it got it all going.