Robin Bowes said the following on 01/23/2006 10:06 PM:
> Robin Bowes said the following on 01/23/2006 08:42 PM:
>
>>John Peacock said the following on 01/23/2006 08:36 PM:
>>
>>
>>>Robin Bowes wrote:
>>>
>>>
>>>
>>>>*** TLS startup failed (error:00000000:lib(0):func(0):reason(0))
>>>>-> QUIT
>>>>
>>>>There's nothing in qpsmtpd log that suggests why this is failing.
>>>
>>>
>>>If you are running branches/0.3x, try and go in and re-enable the debugging
>>>lines for IO::Socket::SSL:
>>>
>>>=== plugins/tls
>>>==================================================================
>>>--- plugins/tls (revision 749)
>>>+++ plugins/tls (local)
>>>@@ -21,7 +21,7 @@
>>>
>>>=cut
>>>
>>>-use IO::Socket::SSL;# qw(debug1 debug2 debug3 debug4);
>>>+use IO::Socket::SSL qw(debug1 debug2 debug3 debug4);
>>>
>>>sub init {
>>> my ($self, $qp, $cert, $key) = @_;
>>>
>>>And then see what you get in the logs. I don't see that log string at all,
>>>however. Are you actually running branches/0.3x at all? Note that the tls
>>>plugin had some problems in 0.31.1 that are fixed in the branch.
>>
>>
>>The error msg above is produced by swaks. Specifically, the command:
>>
>>swaks -t [EMAIL PROTECTED] -s smtp.robinbowes.com -tls
>>
>>I'll try reenabling the debugging and see what I get.
>
>
> OK, I've checked out the 0.3x branch again and am now using that
> codebase (I did a diff against my existing 0.3x dir and it's essentially
> the same, i.e. the only changes are additional plugins or config changes.)
>
> I've enabled debugging in the tls plugin as John suggested.
>
> I still see the same problem.
>
> So, I tried testing with openssl:
>
> # openssl s_client -starttls smtp -crlf -connect localhost:25
> CONNECTED(00000003)
> 21435:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown
> protocol:s23_clnt.c:494:
>
> So, something's broken, but I don't know what.
>
> Anybody got any idea what?
I've just seen this in the qpsmtpd log:
CA file certs/my-ca.pem not found, using CA path instead.
Is this relevant?
R.
