[Pkg-exim4-users] a tls fatal alert has been received
Marc Haber
mh+pkg-exim4-users at zugschlus.de
Mon Mar 30 12:30:40 UTC 2015
On Fri, Mar 27, 2015 at 05:12:13PM -0700, Chad Plantenberg wrote:
> new to the list and to exim in general:
>
> checked all the suggested locations first.
>
> heres the error in the log:
> ...tls error on connection from [remote ip address] (recv): a tls
> fatal alert has been received.: ca is unknown
> tls error on connection from [remote ip address] (send): the specified
> session has been invalidated for some reason.
>
> self-signed cert where you would expect /etc/exim4/
> running exim -bP displays the correct path to the file
> exim points to ca list in /etc/ssl/certs/ correctly
> using dovecot for authentication, nothing shows up in dovecot logs, so
> its not getting to auth because its failing at tls
> using swaks on the machine the are no problems with tls
> the client is attempting to connect using seamonkey.
>
> i thought the log message was an exim error, but im starting to think
> now that exim is stating that this is the error it received from
> seamonkey: seamonkey doesnt like exims self-signed cert? but its
> fine with dovecots (have not had same problem with imap using ssl).
Try talking to exim with openssl s_client or gnutls-client and see
whether this works. Then try having Seamonkey talk to an openssl
s_server or a gnutls-serv equipped with your exim's certificate.
See whether an exim listener (maybe on a different port so that it
doesn't interfere with your normal e-mail business) started
in foreground with more debugging enabled will give more insight.
Greetings
Marc
--
-----------------------------------------------------------------------------
Marc Haber | "I don't trust Computers. They | Mailadresse im Header
Leimen, Germany | lose things." Winona Ryder | Fon: *49 6224 1600402
Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
More information about the Pkg-exim4-users
mailing list