Hi, I have a postfix-3.7.4 server with openssl-3.0.9 on fedora38 and receiving the following errors in my logs:
Sep 11 14:19:51 cipher postfix/smtps/smtpd[3992923]: warning: TLS library problem: error:0A0000C1:SSL routines::no shared cipher:ssl/statem/statem_srvr.c:2220: What kind of clients is this impacting? I found this post that says I can add ECDHE-RSA-AES256-SHA384 to the cipher list to fix this. https://encryp.ch/blog/amazon-ses-encryption-misconfiguration/ # postconf -n|grep -E 'cipher|protocol' smtp_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 smtpd_tls_exclude_ciphers = MD5, RC4, 3DES, IDEA, SEED, aNULL smtpd_tls_mandatory_ciphers = high smtpd_tls_mandatory_protocols = >=TLSv1.2 smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1 tls_preempt_cipherlist = yes
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
