Ok, for the record, since my first certificate in 98', I've never had a
bad issued certificate. Well, I did. Created a new csr, got it back,
installed, and now working.
So, now to the next new thing. I started all the services in this order:
courier-msa
courier
courier-mta
courier-mta-ssl
courier-imap
courier-imap-ssl
courier-pop
courier-pop-ssl
Then I checked the logs and realized that I forgot to start the auth, so
went back and start it. Then I restarted all mta / imap services. Now,
I can send messages from outside to this server and it will properly
receive and route email. However, what I can't do, is send through it -
client programs just sit and timeout. Using port 587, and have checked
using sl_client and everything looks good. Again, no errors in log, do
see connection, but nothing after that.
On 7/24/22 10:50, Sam Varshavchik wrote:
Greg Pfister writes:
Updating my GoDaddy Certificate by placing in a pem file, in order,
cert, chain certificates, and key. MTA and IMAP start in ssl,
however, received while performing a openssl s_client
139637514474880:error:0407E085:rsa
routines:RSA_verify_PKCS1_PSS_mgf1:first octet
invalid:../crypto/rsa/rsa_pss.c:70:
139637514474880:error:1417B07B:SSL
routines:tls_process_cert_verify:bad
signature:../ssl/statem/statem_lib.c:504:
Nothing in server logs.
I checked each certificate prior and they seem to b in order. I then
downloaded the entire package from GoDaddy and did it again to no avail.
As a diagnostic try to use couriertls for this test:
addcr | TLS_VERIFYPEER=NONE couriertls -host=localhost -port=143
-protocol=imap
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
_______________________________________________
Courier-imap mailing list
Courier-imap@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
