Ok,

Rick

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, March 09, 2018 11:17 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Mail Failure

 

I'm not sure it will work. It installs side by side with old rpms openssl and 
openssl-devel. I'd try creating the notlshosts/<fqdn> first, and let me do some 
experimenting.

 

On 3/9/2018 9:14 AM, Rvaught wrote:

Thank you, I will give this a try.

Rick

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, March 09, 2018 10:50 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Mail Failure

 

In fact, here's a binary

https://centos.pkgs.org/5/epel-x86_64/openssl101e-1.0.1e-11.el5.x86_64.rpm.html

and the how to

1.      Download the latest epel-release rpm from 

http://dl.fedoraproject.org/pub/archive/epel/5/x86_64/

2.      Install epel-release rpm: 

# rpm -Uvh epel-release*rpm

3.      Install openssl101e rpm package: 

# yum install openssl101e

 

On 3/9/2018 8:47 AM, Eric Broch wrote:

That's the issue. TLSv1.1 & TLSv1.2 are only support in openssl-1.*

You could disable TLS for this email address 
(https://serverfault.com/questions/562234/disable-starttls-on-qmail-for-outgoing-messages).

Or, you could upgrade manually openssl on CentOS 5 
(https://miteshshah.github.io/linux/centos/how-to-enable-openssl-1-0-2-a-tlsv1-1-and-tlsv1-2-on-centos-5-and-rhel5/).

Eric

 

On 3/9/2018 8:30 AM, Rvaught wrote:

Version .9.8e-33.el5_11

 

From: Eric Broch [mailto:ebr...@whitehorsetc.com] 
Sent: Friday, March 09, 2018 10:26 AM
To: qmailtoaster-list
Subject: Re: [qmailtoaster] Mail Failure

 

What version of openssl is on your host? 

# rpm -qa | grep openssl

 

On 3/8/2018 11:22 AM, Rvaught wrote:

 

I am getting this failure when trying to send mail to one email address.

 

The error is TLS connect failed: error 140770FC: SSL routing: SSL 
3_GET_SERVER_HELLO: unknown protocol. It appears your server wants a TLS or SSL 
connection or certificate.  

 

I am running a qmail toaster on Centos 5.11.

 

How can I tell what version TLS I am using? The support person on the other end 
says they do not accept version of  lower than TLS 1.1 or 1.2.

 

Thanks ,

Rick

 

 

 







-- 
Eric Broch
White Horse Technical Consulting (WHTC)






-- 
Eric Broch
White Horse Technical Consulting (WHTC)






-- 
Eric Broch
White Horse Technical Consulting (WHTC)





-- 
Eric Broch
White Horse Technical Consulting (WHTC)

Reply via email to