trothigar
n00b
Joined: 23 Aug 2007
Posts: 7
|
 Posted: Sat Jan 03, 2009 7:51 pm Post subject: [solved] tls postfix problem. |
 |
|
Hi,
I am having trouble authenticating against postfix with tls for smtp. It works fine without tls, however when i enable tls in the email client, it complains the server doesn't offer starttls in ehlo response.
Transcript of session follows. (xxxx.xxx represents a real domain name)
Out: 220 xxxx.xxx ESMTP Postfix
In: EHLO [192.168.1.3]
Out: 250-xxxx.xxx
Out: 250-PIPELINING
Out: 250-SIZE 10240000
Out: 250-VRFY
Out: 250-ETRN
Out: 250-STARTTLS
Out: 250-AUTH PLAIN LOGIN
Out: 250-ENHANCEDSTATUSCODES
Out: 250-8BITMIME
Out: 250 DSN
In: STARTTLS
Out: 454 4.7.0 TLS not available due to local problem
In: QUIT
Out: 221 2.0.0 Bye
Due to the "Out: 454 4.7.0 TLS not available due to local problem" i assume that it is config problem.
relevent bits of postfix/main.cf below:
virtual_transport = dovecot
smtpd_sasl_auth_enable = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_client_restrictions=
permit_inet_interfaces,
permit_mynetworks,
permit_sasl_authenticated,
permit
smtpd_sender_restrictions=
reject_non_fqdn_sender,
permit
smtpd_reject_unlisted_sender = yes
smtpd_recipient_restrictions=
permit_mynetworks,
reject_non_fqdn_recipient
permit_sasl_authenticated
reject_unauth_destination
permit
smtpd_tls_security_level = may
smtpd_tls_cert_file = /root/mycerts/server.crt
smtpd_tls_key_file = /root/mycerts/server.key
Thanks
Trothigar
EDIT: solved it. I was using an encrypted which postfix doen't like. dencrypted the key and that solved it |
|
Networking & Security
