When it works fine, but without certificate verification: $ cat /etc/relayd.conf tcp protocol proto_wp { # tls ca file "/etc/ssl/cert.pem" tls tlsv1.1 pass }
relay connect_to_mail_wp { protocol proto_wp listen on 127.0.0.1 port 5555 forward with tls to imap.wp.pl port 993 } # relayd -d -vvv -f /etc/relayd.conf startup socket_rlimit: max open files 1024 socket_rlimit: max open files 1024 socket_rlimit: max open files 1024 relay_privinit: adding relay connect_to_mail_wp protocol 1: name proto_wp flags: used, relay flags: tls client tls flags: tlsv1.1, tlsv1.2, cipher-server-preference, client-renegotiation type: tcp pass request ca_engine_init: using RSA privsep engine socket_rlimit: max open files 1024 ca_engine_init: using RSA privsep engine ca_engine_init: using RSA privsep engine ca_engine_init: using RSA privsep engine relay_launch: running relay connect_to_mail_wp relay_launch: running relay connect_to_mail_wp relay_launch: running relay connect_to_mail_wp relay connect_to_mail_wp, tls session 1 connected (1 active) relay connect_to_mail_wp, session 1 (1 active), 0, 127.0.0.1 -> 212.77.101.140:993, done *** When if fails: $ cat /etc/relayd.conf tcp protocol proto_wp { tls ca file "/etc/ssl/cert.pem" tls tlsv1.1 pass } relay connect_to_mail_wp { protocol proto_wp listen on 127.0.0.1 port 5555 forward with tls to imap.wp.pl port 993 } # relayd -d -vvv -f /etc/relayd.conf startup socket_rlimit: max open files 1024 relay_load_certfiles: using ca /etc/ssl/cert.pem socket_rlimit: max open files 1024 socket_rlimit: max open files 1024 socket_rlimit: max open files 1024 relay_privinit: adding relay connect_to_mail_wp protocol 1: name proto_wp flags: used, relay flags: tls client tls flags: tlsv1.1, tlsv1.2, cipher-server-preference, client-renegotiation type: tcp pass request ca_engine_init: using RSA privsep engine ca_engine_init: using RSA privsep engine ca_engine_init: using RSA privsep engine ca_engine_init: using RSA privsep engine