On Wed, Apr 17, 2013, Joan Moreau wrote: > Le 16/04/2013 15:11, Joan Moreau a écrit : > > >Hi, > > > >Since I upgraded my kernel (and rebuilt openssl), I get the > >following errors in Postfix: > > > >2013-04-15T13:55:29.921960+02:00 server postfix/smtpd[3308]: > >warning: TLS library problem: 3308:error:1411C146:SSL > >routines:tls1_prf:unsupported digest type:t1_enc.c:276: > > > >2013-04-15T13:55:29.921966+02:00 server postfix/smtpd[3308]: > >warning: TLS library problem: 3308:error:140D308A:SSL > >routines:TLS1_SETUP_KEY_BLOCK:cipher or hash > >unavailable:t1_enc.c:597: > > > >while the postfix system has worked since ages. > > > >I went back to the old kernel, but the error persists. > > > >Do you have an hint ? > > > >Thank you > > > >Joan > > > Actually, the complete log error is the following: > 2013-04-17T09:17:14.283129+02:00 server postfix/smtpd[16725]: > initializing the server-side TLS engine > 2013-04-17T09:17:14.383298+02:00 server postfix/smtpd[16725]: > connect from wana-25-254-12-196.wanamaroc.com[196.12.254.25] > 2013-04-17T09:17:14.383313+02:00 server postfix/smtpd[16725]: > setting up TLS connection from > wana-25-254-12-196.wanamaroc.com[196.12.254.25] > 2013-04-17T09:17:14.383382+02:00 server postfix/smtpd[16725]: > wana-25-254-12-196.wanamaroc.com[196.12.254.25]: TLS cipher list > "aNULL:-aNULL:ALL:!EXPORT:!LOW:+RC4:@STRENGTH" > 2013-04-17T09:17:14.383617+02:00 server postfix/smtpd[16725]: > SSL_accept:before/accept initialization > 2013-04-17T09:17:14.383702+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 read client hello A > 2013-04-17T09:17:14.383710+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 write server hello A > 2013-04-17T09:17:14.383712+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 write certificate A > 2013-04-17T09:17:14.385694+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 write key exchange A > 2013-04-17T09:17:14.385710+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 write server done A > 2013-04-17T09:17:14.385720+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 flush data > 2013-04-17T09:17:36.573635+02:00 server postfix/smtpd[16725]: > SSL_accept:SSLv3 read client key exchange A > 2013-04-17T09:17:36.573659+02:00 server postfix/smtpd[16725]: > SSL_accept:error in SSLv3 read certificate verify A > 2013-04-17T09:17:36.573665+02:00 server postfix/smtpd[16725]: > SSL_accept error from > wana-25-254-12-196.wanamaroc.com[196.12.254.25]: -1 > 2013-04-17T09:17:36.573670+02:00 server postfix/smtpd[16725]: > warning: TLS library problem: 16725:error:1411C146:SSL > routines:tls1_prf:unsupported digest type:t1_enc.c:276: > 2013-04-17T09:17:36.573675+02:00 server postfix/smtpd[16725]: > warning: TLS library problem: 16725:error:140D308A:SSL > routines:TLS1_SETUP_KEY_BLOCK:cipher or hash > unavailable:t1_enc.c:597: > 2013-04-17T09:17:36.573971+02:00 server postfix/smtpd[16725]: lost > connection after CONNECT from > wana-25-254-12-196.wanamaroc.com[196.12.254.25] > > Can you help ? >
This is presumably OpenSSL 1.0.1. Do you get that error when connection with TLS 1.2 only or for TLS 1.1 or earlier? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org