Hi, In our postfix server, we see
SSL_accept error from hgrs-mail01.hgrs.tld.dom[161.x.y.z]: 0 Nov 16 08:54:52 postfix2cc/smtpd[18662]: warning: TLS library problem: 18662:error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000):s3_pkt.c:1053:SSL alert number 0: This error message apparently means that the client aborted the handshake just after receiving the server certificate. Details of the TLS handshake incl. pcap wireshark view have been posted to http://www.mail-archive.com/openssl-users@openssl.org/ If anybody is interested, I am happy to bilaterally send the .pcap files for further analysis. One hypothesis is that there is a Lotus Notes Domino bug (LO41163: IMPROPERLY BUILDING CERT CHAIN WHEN FOREIGN HOST PRESENTS JUST LEAF CERT) but the problem continued even when not just the leaf but also the leaf + intermediate or incl. root respectively were sent by the postfix server. So there must also be another problem. Any hints how to do a client certificate authentication TLS-handshake between IBM's v8.51 as the client and postfix/openssl on the server side would be highly appreciated. Many thanks in advance Ralf
