> On 17/08/2020 12:51 Johannes Rohr <[email protected]> wrote: > > > |Dear all,| > > |a couple of days ago I upgraded our server from Ubuntu 18.04 to 20.04, > thereby upgrading dovecot from 2.2.x to 2.3.x. > | > > |Since then, some older versions of apple's mail.app (bundled with el > Capitano, released in 2016) no longer connect. When I turn on SSL > debugging, I see:| > > |Debug: SSL error: SSL_accept() failed: error:14209102:SSL > routines:tls_early_post_process_client_hello:unsupported protocol > imap-login: Debug: SSL error: SSL_accept() syscall failed: Invalid argument| > > || > > |Unfortunately, it doesn't reveal the name of the unsupported protocol. > Also, what about the failed syscall? Does dovecot try and fail to open > some file?| > > |Here are the contents of /etc/dovecot/conf.d/10-ssl.conf:| > > | ssl = yes > ssl_cert = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/fullchain.pem > ssl_key = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/key.pem > ssl_ca = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/ca.pem > ssl_client_ca_dir = /etc/ssl/certs > ssl_dh = </etc/dovecot/dh.pem > | > > |I would greatly appreciate any hints! > | > > |Cheers,| > > |Johannes > | > > | > | > > ||
You need to set ssl_min_protocol = TLSv1.2 # or TLSv1 Aki
