On Sun, Apr 14, 2013 at 06:31:48PM +0000, Joan Moreau wrote:
> Ok, I have now proper install of postfix / openssl / cyrsus / etc...
>
> I still get :
>
> 2013-04-14T20:29:45.074096+02:00 server postfix/smtpd[12926]: warning:
> TLS library problem: 12926:error:1409D08A:SSL
> routines:SSL3_SETUP_KEY_BLOCK:cipher or hash unavailable:s3_enc.c:402:
> 2013-04-14T20:29:45.074367+02:00 server postfix/smtpd[12926]: lost
> connection after CONNECT from unknown[41.137.65.121]
> 2013-04-14T20:29:45.074390+02:00 server postfix/smtpd[12926]: disconnect
> from unknown[41.137.65.121]
>
> What shall I do to fix this ?
Use a different O/S that ships working libraries. You test with:
If Postfix is 2.10 or later, test via:
$ openssl s_server \
-key $(postconf -xh smtpd_tls_key_file) \
-cert $(postconf -xh smtpd_tls_cert_file) \
-accept 12345 > server.out 2>&1 &
$ openssl s_client -state -connect 127.0.0.1:12345 2>&1 | tee client.out
(otherwise type the correct paths for -key and -cert). Do openssl's
s_client and s_server manage to complete an SSH handshake? Post
the output of "openssl version -a" as well as server.out and client.out.
--
Viktor.
