Lindsay Haisley writes:
[pid 5684] open("/etc/ssl/cert.pem", O_RDONLY) = -1 ENOENT (No such file or directory) [pid 5684] stat("/etc/ssl/certs/c33a80d4.1", 0x7fff935ca8f0) = -1 ENOENT (No such file or directory)Since processes frequently iterate through a series of possible locations for needed files, plus many that aren't needed but just checked for, I assume most of these are spurious, and the last one is probably the one that's causing the problem. Indeed, there is no c33a80d4.1 cert file. I'm not familiar with the details of the TLS mechanism. Is this a file that's expected to be there as a result of the TLS negotiation with the remote server?
Something is happening inside OpenSSL. I think than OpenSSL is trying to find the remote server's certificate authority's certificate.
A lot of SMTP servers use self-signed certs, so certificate verification for SMTP isn't really useful. The default courierd settings have ESMTP_TLS_VERIFY_DOMAIN=0 and TLS_VERIFY_PEER=NONE. This allows TLS to proceed, but disables certificate verification. If you changed these settings in courierd, try reverting to these defaults and see what happens. I'm not actually sure if this is what triggers the error message. ENOENTs, as you've noted, are quite common and ordinary, you need to look for the one that immediately preceded the "No such file or directory". There may be another reason, but confirming that these settings are the default will eliminate that possibility.
pgpkI0dmDh4P4.pgp
Description: PGP signature
------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
