1

I have a VPS (server A) and hosting (server B). On server A, I've set up a mail server (Debian, postfix, dovecot, postfixadmin and roundcube, self-signed cert, TLS-only auth), which works fine:

  • I can send and receive messages logged via roundcube,
  • I can send and receive messages from post client (e.g. Thunderbird),
  • I can send emails from website on my local machine,
  • I can send emails from website hosted on server B (symfony2/swiftmailer).

The problem is that it's impossible to send emails from the website (an exact copy of the original website from server B) hosted on server A (the same as the mail server). I get the following messages in the log:

Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: connect from domain[ip]
Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: SSL_accept error from domain[ip]: 0
Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: warning: TLS library problem: 3107:error:14094418:SSL rutines:SSL3_READ_BYTES:tlsv1 alert unknown ca:s3_pkt.c:1258:SSL alert number 48:
Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: lost connection after STARTTLS from domain[ip]
Oct 26 19:45:00 vps105120 postfix/smtpd[3107]: disconnect from domain[ip]

Any ideas what to do with this?

ittb
  • 1
    Apparently your server B is configured to only set up encrypted connections to servers providing a certificate with a CA in your trust chain. So either add an exception, import the CA or configure your setup in another way. – sebix Oct 26 '14 at 21:01

2 Answers

3

I've figured it out :). As expected, it turned out to be as simple as possible...

My cert wasn't readable by openssl; after adding a link named as the cert hash to /etc/ssl/certs/, everything works like a charm.

ittb
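
The fix in the answer above works because OpenSSL finds certificates in a directory such as /etc/ssl/certs/ by subject-hash file name. The following is an added example, not part of the original posts: it reproduces the before and after in a throwaway temp directory, and the function names and the CN `mail.example.test` are made up for illustration.

```shell
#!/bin/sh
# Added example: everything happens in a throwaway temp dir; the "certs"
# subdirectory stands in for /etc/ssl/certs. Names below are hypothetical.

# Create a self-signed certificate (constructed sample, CN is made up).
make_selfsigned() {  # $1 = output directory (absolute path)
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=mail.example.test" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null
}

# OpenSSL looks certificates up in a CApath directory by file name
# <subject-hash>.<n>, so a cert stored under any other name is never found.
link_by_hash() {     # $1 = certificate (absolute path), $2 = CApath directory
    hash=$(openssl x509 -hash -noout -in "$1") || return 1
    ln -sf "$1" "$2/$hash.0" || return 1
    echo "$hash.0"
}

# Succeeds only if OpenSSL can build a trusted chain using the directory.
trusted() {          # $1 = certificate, $2 = CApath directory
    openssl verify -CApath "$2" "$1" 2>/dev/null | grep -q ': OK$'
}

demo() {
    dir=$(mktemp -d) || return 1
    mkdir "$dir/certs"
    make_selfsigned "$dir" || { rm -rf "$dir"; return 1; }
    cp "$dir/cert.pem" "$dir/certs/mailserver.pem"   # present, but not by hash
    trusted "$dir/cert.pem" "$dir/certs" && echo "before: trusted" \
                                         || echo "before: unknown ca"
    echo "linked as: $(link_by_hash "$dir/cert.pem" "$dir/certs")"
    trusted "$dir/cert.pem" "$dir/certs" && echo "after:  trusted" \
                                         || echo "after:  unknown ca"
    rm -rf "$dir"
}

demo
```

On OpenSSL 1.1.0 and later, `openssl rehash <directory>` creates these hash-named links for every certificate in a directory.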
0

This can also happen with a Let's Encrypt certificate. I had a similar problem, which was caused by using cert.pem in the postfix configuration. I resolved it by changing the certificate to fullchain.pem. Most SMTP clients were OK. The problem was mostly with PHP clients.