When it works fine, but without certificate verification:
$ cat /etc/relayd.conf
tcp protocol proto_wp {
# tls ca file "/etc/ssl/cert.pem"
tls tlsv1.1
pass
}
relay connect_to_mail_wp {
protocol proto_wp
listen on 127.0.0.1 port 5555
forward with tls to imap.wp.pl port 993
}
# relayd -d -vvv -f /etc/relayd.conf
startup
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
relay_privinit: adding relay connect_to_mail_wp
protocol 1: name proto_wp
flags: used, relay flags: tls client
tls flags: tlsv1.1, tlsv1.2, cipher-server-preference,
client-renegotiation
type: tcp
pass request
ca_engine_init: using RSA privsep engine
socket_rlimit: max open files 1024
ca_engine_init: using RSA privsep engine
ca_engine_init: using RSA privsep engine
ca_engine_init: using RSA privsep engine
relay_launch: running relay connect_to_mail_wp
relay_launch: running relay connect_to_mail_wp
relay_launch: running relay connect_to_mail_wp
relay connect_to_mail_wp, tls session 1 connected (1 active)
relay connect_to_mail_wp, session 1 (1 active), 0, 127.0.0.1 ->
212.77.101.140:993, done
***
When if fails:
$ cat /etc/relayd.conf
tcp protocol proto_wp {
tls ca file "/etc/ssl/cert.pem"
tls tlsv1.1
pass
}
relay connect_to_mail_wp {
protocol proto_wp
listen on 127.0.0.1 port 5555
forward with tls to imap.wp.pl port 993
}
# relayd -d -vvv -f /etc/relayd.conf
startup
socket_rlimit: max open files 1024
relay_load_certfiles: using ca /etc/ssl/cert.pem
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
socket_rlimit: max open files 1024
relay_privinit: adding relay connect_to_mail_wp
protocol 1: name proto_wp
flags: used, relay flags: tls client
tls flags: tlsv1.1, tlsv1.2, cipher-server-preference,
client-renegotiation
type: tcp
pass request
ca_engine_init: using RSA privsep engine
ca_engine_init: using RSA privsep engine
ca_engine_init: using RSA privsep engine
ca_engine_init: using RSA privsep engine
