Re: Hello

[Gonzalo Rodriguez]

Hi,

Sorry the delay, my setup was OK, just in my OpenBSD 5.6 stable, the
version of OpenSTMPd have a little bug on table_passwd so that make my auth
fail.

Thanks all for the help.

2015-01-14 14:39 GMT-03:00 Jason Barbier :

>  if you read the manual page around userbase really closely you should be
> able to see how to do virtual users pretty easily. But if you still find it
> tricky
> https://blog.corrupted.io/2014/06/09/OpenSMTPD-virtual-users-with-sqlite.html 
> is
> something I wrote up on how to do it with SQLite. Please be aware It
> doesn't have the Dovecot piece in it because if you cant be bothered to do
> a couple seconds of google fu to setup virtual users with dovecot and
> sqlite you really shouldn't be running a mail server.
>
> --
> Jason Barbier
> jab...@serversave.us
>
>
> On Sun, Jan 11, 2015, at 07:30 PM, Gonzalo Rodriguez wrote:
>
> I like to add virtual users (now have system users) like:
>
> MTA: OpenSMTPD
>  LDA: Dovecot
>  IMAP: Dovecot
>  USR: Virtual
>  DOMAINS: Virtual
>
>  But I didn't found the right setup yet... any help would be nice :)
>
>
>
> 2015-01-11 0:40 GMT-03:00 Gonzalo Rodriguez :
>
> I just swtich from Postfix + Dovecot to OpenSMTPd + Dovecot
>
> And here is my conf:
>
> table domainfile:/etc/mail/domain
> table aliases   db:/etc/mail/aliases.db
>
> expire 4h
>
> pki foobar.com certificate  "/etc/ssl/foobar.com/foobar.crt"
> pki foobar.com key  "/etc/ssl/foobar.com/foobar.key"
> pki foobar.com dhparams "/etc/ssl/foobar.com/dhparam.pem"
>
> listen on lo0 port 25
> listen on egress port 25 tls pki foobar.com auth-optional
> listen on egress port 2525 tls-require pki foobar.com auth
> listen on lo0 port 10027 tag Signed
>
> accept for local alias  deliver to mda
> "/usr/local/libexec/dovecot/dovecot-lda -f %{sender} "
> accept from any for domain  alias  deliver to mda
> "/usr/local/libexec/dovecot/dovecot-lda -f %{sender} "
> accept from any for domain  deliver to mda
> "/usr/local/libexec/dovecot/dovecot-lda -f %{sender} "
> accept from local for any relay
> accept for any relay
>
>
>  I also have spamd, this is under OpenBSD 5.6 -release.
>
> Any hint to make it better or secure?
>
>  Thanks.
>
>
>
>
>

Is my virtual user configuration correct?

[Benedikt Nießen]

Hi,

My name is Benedikt, I live in Switzerland and am a big fan of FreeBSD and got 
to know about OpenSMTPD some time ago. As I am currently reworking my private 
infrastructure I want to give it a try as my requires are not that complicated.

The task:
I have a mailbox a...@example.com at a mailserver. This mailserver only 
supports one domain, which is example.com. All my other domains (and email 
aliases like a...@example.org, h...@example.net) are handled by another server 
(OpenSMTPD) and forwarded to this one mailbox.

What did I do:
Here is my configuration up to now:

/usr/local/etc/mail/smtpd.conf:

## SSL
#pki ...

## Listen on localhost (ipv4 only)
listen on 127.0.0.1 port 25 hostname mail.example.org

## Mail aliases
table local_aliases db:/usr/local/etc/mail/aliases.db
table virtual_domains   file:/usr/local/etc/mail/virtual_domains
table virtual_aliases   file:/usr/local/etc/mail/virtual_aliases

## Rules
accept for local alias  deliver to mbox
accept from any for domain  virtual  deliver 
to mbox
accept from local for any relay


This works fine so far. Local services like cron send emails to aliases which 
are (in my case) forwarded to the mailbox mentioned above. Also incoming emails 
are forwarded correctly.

My question is: I have to maintain the domains in the file virtual_domains and 
the aliases in virtual_aliases. Can I rewrite this configuration to just 
maintain the virtual_aliases in the form:

a...@example.orga...@example.com
h...@example.neta...@example.com

This would make it easier for me.

Thanks for your recommendations.

Have a nice day
Ben.
--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: a few more questions

[Seth]

On Sun, 18 Jan 2015 20:20:19 -0800, Seth  wrote:

https://github.com/OpenSMTPD/OpenSMTPD/issues/376


Related email threads

http://www.mail-archive.com/misc%40opensmtpd.org/msg00625.html

"Declare your listener with a hostnames table and declare a pki entry for
every domain that should be supported by SNI:

pki foo.bar ...
pki bar.baz ...

listen on [...] tls hostnames { foo.bar, bar.baz }"


http://www.mail-archive.com/misc%40opensmtpd.org/msg01427.html

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: a few more questions

[Seth]

On Sun, 18 Jan 2015 17:14:19 -0800, Edgar Pettijohn  
 wrote:

Is there a way to make the listen work like the relay and just use the
matching cert?


I don't think so. I think you'd have to configure an additional IP  
address for the 2nd domain, and then create a dedicated listen rule in  
smptd.conf for each IP, one per domain.



Thats what I was planning to try next.


Actually I take that back, it looks like SNI (Server Name Indication) TLS  
extension support was merged back on Dec of 2013, so you should be able to  
run multiple TLS secured domains on a single IP.


https://github.com/OpenSMTPD/OpenSMTPD/issues/376

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: a few more questions

[Edgar Pettijohn]

On 01/18/15 17:20, Seth wrote:
On Sun, 18 Jan 2015 14:25:20 -0800, Edgar Pettijohn 
 wrote:



I added another host and test user and everything seems to be working.
Reread smtpd.conf(5) and feel good about this setup.  A few questions
remain.  When I connect from my home pc with:

$ mutt -f imap://t...@test.pettijohn-web.com@test.pettijohn-web.com

and send an email to myself the from address is t...@test.my.domain
instead of what it should be.  However, when using thunderbird it works
as expected.


I believe that is a mutt configuration issue.


Just tried on my postfix server and I think you're right I just never 
noticed it before.



Is there a way to make the listen work like the relay and just use the
matching cert?


I don't think so. I think you'd have to configure an additional IP 
address for the 2nd domain, and then create a dedicated listen rule in 
smptd.conf for each IP, one per domain.



Thats what I was planning to try next.

Thanks

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: a few more questions

[Seth]

On Sun, 18 Jan 2015 14:25:20 -0800, Edgar Pettijohn  
 wrote:



I added another host and test user and everything seems to be working.
Reread smtpd.conf(5) and feel good about this setup.  A few questions
remain.  When I connect from my home pc with:

$ mutt -f imap://t...@test.pettijohn-web.com@test.pettijohn-web.com

and send an email to myself the from address is t...@test.my.domain
instead of what it should be.  However, when using thunderbird it works
as expected.


I believe that is a mutt configuration issue.


Is there a way to make the listen work like the relay and just use the
matching cert?


I don't think so. I think you'd have to configure an additional IP address  
for the 2nd domain, and then create a dedicated listen rule in smptd.conf  
for each IP, one per domain.


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: a few more questions

[Edgar Pettijohn]

On 01/18/15 16:25, Edgar Pettijohn wrote:


Sorry for the B's don't know where they came from just pretend they 
aren't there. :-)

a few more questions

[Edgar Pettijohn]

I added another host and test user and everything seems to be working.  
Reread smtpd.conf(5) and feel good about this setup.  A few questions 
remain.  When I connect from my home pc with:


$ mutt -f imap://t...@test.pettijohn-web.com@test.pettijohn-web.com

and send an email to myself the from address is t...@test.my.domain 
instead of what it should be.  However, when using thunderbird it works 
as expected.  It also does not present the proper cert for the new 
domain.  From the man page:


#pki listen context
The *hostnames* parameter overrides the server name for specific 
addresses. Table /names/ contains a mapping of IP addresses to hostnames 
and smtpd(8)  
will use the hostname that matches the address on which the connection 
arrives if it is found in the mapping.


If all virtual domains map to the same ip then this  table won't 
work.


#pki relay context
When relaying, STARTTLS is always attempted if available on remote host 
and OpenSMTPD will try to present a certificate matching the outgoing 
hostname if one is registered in the pki. If pki is specified, the 
certificate registered for pkiname is used instead.


Is there a way to make the listen work like the relay and just use the 
matching cert?


# cat /etc/mail/smtpd.conf
#   $OpenBSD: smtpd.conf,v 1.7 2014/03/12 18:21:34 tedu Exp $

# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.

table aliases db:/etc/mail/aliases.db
table vdomains db:/etc/mail/vdomains.db
table vusers db:/etc/mail/vusers.db

pki test.pettijohn-web.com certificate "/etc/ssl/test.pettijohn-web.com.crt"
pki test.pettijohn-web.com key "/etc/ssl/private/test.pettijohn-web.com.key"
pki openbsd.pettijohn-web.com certificate 
"/etc/ssl/openbsd.pettijohn-web.com.crt"
pki openbsd.pettijohn-web.com key 
"/etc/ssl/private/openbsd.pettijohn-web.com.key"


listen on egress tls
listen on lo0

queue compression
queue encryption key f61de1a07fba7ccd57af89df8c28fc1f

accept from any for domain  virtual  deliver to mda \
"/usr/local/libexec/dovecot/dovecot-lda -f %{sender} -d %{rcpt}"
accept for local alias  deliver to maildir
accept from any for any relay


Thanks,

Edgar

Re: strange behavior on delivering messages

[Илья Коскин]

I was able to solve problem by myself. 

All i do is swap lines in config. So: 

accept for local alias  deliver to mbox
accept for any relay
accept from any for domain  alias  deliver to mda 
"/usr/local/bin/procmail"


will NOT work, and:

accept for local alias  deliver to mbox
accept from any for domain  alias  deliver to mda 
"/usr/local/bin/procmail"
accept for any relay

works properly. 

I did not know that it matters, sorry

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: auth/auth-optional

[Seth]

On Sun, 18 Jan 2015 08:39:01 -0800, Edgar Pettijohn  
 wrote:


I've been lurking on the list for a while, and I'm finally getting close  
on my config to replace postfix/dovecot.  However, I'm having some  
issues.  I'm pretty sure I want to use auth in a listener context, but  
its not working out for me.


I think you only need the auth-optional line is situations where you want  
to relay email through this server via SMTP 25/tcp from your own computer  
via a public IP address, and cannot setup the server to listen on the  
separate submission port 587/tcp.


Also in the logs it shows "Server certificate verification failed on  
session dcad1b1012daf5ab" which doesn't sound good,


This is not a show-stopper, it just means that whatever TLS certificate  
the mail server is presenting cannot be verified by the other SMTP  
endpoint involved.


It looks like you are using self-signed certs so this is to be expected  
unless you setup your own CA (Certificate Authority) and then install your  
CA's root certificate on all computers involved.


and finally the "accept from any for any tls" seems scary is that safe  
or does it need work?


That options will force TLS encryption of outbound SMTP connections. If  
the remote mail server does not support TLS, message delivery will fail.


You can test public mail servers for TLS support using these web sites.

mxtoolbox.com
starttls.info
checktls.com

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: strange behavior on delivering messages

[Seth]

this type of messages repeat many many times, and when it stops it ends  
with
Jan 18 21:28:45 mx smtpd[10999]: relay: PermFail for 7074eecd937a1f96:  
session=384f0c868ad0506f, from=,  
to=, rcpt=<->, source=91.210.228.4,  
relay=91.210.228.4 (mx.kasakoff.net), delay=1s, stat=500 5.4.6 Routing  
loop detected: Loop detected


If you haven't already, try stopping the daemon and relaunching it with

smtpd -dv -f /etc/mail/smtpd.conf

That will generate additional debug info that might yields clues as to  
where exactly where the message delivery is failing.


--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

strange behavior on delivering messages

[Илья Коскин]

Hi, i'm using OpenBSD 5.6, and this config:

pki mx.kasakoff.net certificate "/etc/ssl/my/server_srt.pem"
pki mx.kasakoff.net key "/etc/ssl/my/server_key.pem"

listen on lo0

listen on egress inet4 secure pki mx.kasakoff.net auth-optional
listen on egress inet4 port submission tls pki mx.kasakoff.net auth

table aliases db:/etc/mail/aliases.db

table domains { kasakoff.net, koskina.ru }

accept for local alias  deliver to mbox
accept for any relay

accept from any for domain  alias  deliver to mda 
"/usr/local/bin/procmail"

max-message-size 100M

limit mta inet4

When my server sending messages to world, it works fine, when it receives from 
world, it works fine. But when i try to send from local to local, it fails :( 
The strange thing, this config worked perfect on ubuntu, but when i migrated to 
openbsd something broken :( here is log, when trying to send:

Jan 18 21:23:01 mx smtpd[10999]: smtp-in: New session 384f0c79ff6935e1 from 
host 192.168.0.88 [192.168.0.88]
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: No PKI entry for requested SNI 
"kasakoff.net"on session 384f0c79ff6935e1
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: Started TLS on session 
384f0c79ff6935e1: version=TLSv1/SSLv3, cipher=ECDHE-RSA-AES256-SHA, bits=256
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: Accepted authentication for user 
ekaterina on session 384f0c79ff6935e1
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: Accepted message b4bc4ccd on session 
384f0c79ff6935e1: from=, to=, 
size=385, ndest=1, proto=ESMTP
Jan 18 21:23:01 mx smtpd[10999]: smtp-out: Connecting to 
smtp+tls://91.210.228.4:25 (mx.kasakoff.net) on session 384f0c7ca36f309d...
Jan 18 21:23:01 mx smtpd[10999]: smtp-out: Connected on session 384f0c7ca36f309d
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: New session 384f0c7d0d1f236e from 
host mx.kasakoff.net [91.210.228.4]
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: Started TLS on session 
384f0c7d0d1f236e: version=TLSv1/SSLv3, cipher=ECDHE-RSA-CHACHA20-POLY1305, 
bits=256
Jan 18 21:23:01 mx smtpd[10999]: smtp-out: Started TLS on session 
384f0c7ca36f309d: version=TLSv1/SSLv3, cipher=ECDHE-RSA-CHACHA20-POLY1305, 
bits=256
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: Client certificate verification 
failed on session 384f0c7d0d1f236e
Jan 18 21:23:01 mx smtpd[10999]: smtp-out: Server certificate verification 
failed on session 384f0c7ca36f309d
Jan 18 21:23:01 mx smtpd[10999]: smtp-in: Accepted message 1d71dea2 on session 
384f0c7d0d1f236e: from=, to=, 
size=643, ndest=1, proto=ESMTP
Jan 18 21:23:01 mx smtpd[10999]: relay: Ok for b4bc4ccdecf23a14: 
session=384f0c7ca36f309d, from=, to=, 
rcpt=<->, source=91.210.228.4, relay=91.210.228.4 (mx.kasakoff.net), delay=0s, 
stat=250 2.0.0: 1d71dea2 Message accepted for delivery
Jan 18 21:23:02 mx smtpd[10999]: smtp-in: Accepted message c13282e9 on session 
384f0c7d0d1f236e: from=, to=, 
size=913, ndest=1, proto=ESMTP
Jan 18 21:23:02 mx smtpd[10999]: relay: Ok for 1d71dea2756ef54f: 
session=384f0c7ca36f309d, from=, to=, 
rcpt=<->, source=91.210.228.4, relay=91.210.228.4 (mx.kasakoff.net), delay=1s, 
stat=250 2.0.0: c13282e9 Message accepted for delivery
Jan 18 21:23:03 mx smtpd[10999]: smtp-in: Accepted message 189a3f47 on session 
384f0c7d0d1f236e: from=, to=, 
size=1183, ndest=1, proto=ESMTP
Jan 18 21:23:03 mx smtpd[10999]: relay: Ok for c13282e9424a42f3: 
session=384f0c7ca36f309d, from=, to=, 
rcpt=<->, source=91.210.228.4, relay=91.210.228.4 (mx.kasakoff.net), delay=1s, 
stat=250 2.0.0: 189a3f47 Message accepted for delivery

this type of messages repeat many many times, and when it stops it ends with

Jan 18 21:28:44 mx smtpd[10999]: relay: Ok for c10d01c5ed34e46f: 
session=384f0c868ad0506f, from=, to=, 
rcpt=<->, source=91.210.228.4, relay=91.210.228.4 (mx.kasakoff.net), delay=1s, 
stat=250 2.0.0: 7074eecd Message accepted for delivery
Jan 18 21:28:45 mx smtpd[10999]: warn: loop detected: Undefined error: 0
Jan 18 21:28:45 mx smtpd[10999]: smtp-in: Failed command on session 
384f0c87af0178af: "DATA" => 500 5.4.6 Routing loop detected: Loop detected
Jan 18 21:28:45 mx smtpd[10999]: relay: PermFail for 7074eecd937a1f96: 
session=384f0c868ad0506f, from=, to=, 
rcpt=<->, source=91.210.228.4, relay=91.210.228.4 (mx.kasakoff.net), delay=1s, 
stat=500 5.4.6 Routing loop detected: Loop detected

thanks for help

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

auth/auth-optional

[Edgar Pettijohn]

I've been lurking on the list for a while, and I'm finally getting close 
on my config to replace postfix/dovecot.  However, I'm having some 
issues.  I'm pretty sure I want to use auth in a listener context, but 
its not working out for me.  Also in the logs it shows "Server 
certificate verification failed on session dcad1b1012daf5ab" which 
doesn't sound good, and finally the "accept from any for any tls" seems 
scary is that safe or does it need work? If you need to see more to help 
I'll gladly send, but I don't think the contents of my tables are at fault.


thanks in advance

table aliases db:/etc/mail/aliases.db
table vdomains db:/etc/mail/vdomains.db
table vusers db:/etc/mail/vusers.db
table creds db:/etc/mail/creds.db

pki test.pettijohn-web.com certificate "/etc/ssl/test.pettijohn-web.com.crt"
pki test.pettijohn-web.com key "/etc/ssl/private/test.pettijohn-web.com.key"

listen on egress tls pki test.pettijohn-web.com auth-optional 
listen on lo0

queue compression
queue encryption key f61de1a07fba7ccd57af89df8c28fc1f

accept from any for domain  virtual  deliver to mda \
"/usr/local/libexec/dovecot/dovecot-lda -f %{sender} -d %{rcpt}"
accept for local alias  deliver to maildir
accept from any for any relay tls

an 18 11:04:37 test smtpd[19071]: info: OpenSMTPD 5.4.3 starting
Jan 18 11:04:37 test smtpd[31324]: info: startup
Jan 18 11:04:37 test smtpd[17018]: queue: queue compression enabled
Jan 18 11:04:37 test smtpd[17018]: queue: queue encryption enabled
Jan 18 11:05:03 test smtpd[28771]: smtp-in: New session dcad1b0d36ef0919 
from host 50.59.230.47 [50.59.230.47]
Jan 18 11:05:04 test smtpd[28771]: smtp-in: Accepted message 0076ede3 on 
session dcad1b0d36ef0919: from=, 
to=, size=397, ndest=1, proto=ESMTP

Jan 18 11:05:04 test smtpd[28771]: smtp-in: Closing session dcad1b0d36ef0919
Jan 18 11:05:05 test smtpd[28771]: smtp-out: Connecting to 
tls://108.61.222.55:25 (pettijohn-web.com) on session dcad1b1012daf5ab...
Jan 18 11:05:05 test smtpd[28771]: smtp-out: Connected on session 
dcad1b1012daf5ab
Jan 18 11:05:05 test smtpd[28771]: smtp-out: Started TLS on session 
dcad1b1012daf5ab: version=TLSv1/SSLv3, 
cipher=ECDHE-RSA-CHACHA20-POLY1305, bits=256
Jan 18 11:05:05 test smtpd[28771]: smtp-out: Server certificate 
verification failed on session dcad1b1012daf5ab
Jan 18 11:05:06 test smtpd[28771]: relay: Ok for 0076ede349e5580f: 
session=dcad1b1012daf5ab, from=, 
to=, rcpt=<->, source=104.207.147.73, 
relay=108.61.222.55 (pettijohn-web.com), delay=2s, stat=250 2.0.0 Ok: 
queued as D6C081A86E
Jan 18 11:05:16 test smtpd[28771]: smtp-out: Closing session 
dcad1b1012daf5ab: 1 message sent.


#logs after changing auth-optional to auth
Jan 18 11:08:55 test smtpd[6570]: info: OpenSMTPD 5.4.3 starting
Jan 18 11:08:55 test smtpd[21553]: info: startup
Jan 18 11:08:55 test smtpd[23294]: queue: queue compression enabled
Jan 18 11:08:55 test smtpd[23294]: queue: queue encryption enabled
Jan 18 11:09:01 test dovecot: imap(t...@test.pettijohn-web.com): 
Disconnected: Logged out in=518 out=525
Jan 18 11:09:01 test dovecot: imap(t...@test.pettijohn-web.com): 
Disconnected: Logged out in=1140 out=4376
Jan 18 11:09:01 test dovecot: imap(t...@test.pettijohn-web.com): 
Disconnected: Logged out in=2201 out=8763
Jan 18 11:09:12 test dovecot: imap-login: Login: 
user=, method=PLAIN, rip=50.59.230.47, 
lip=104.207.147.73, mpid=28367, TLS, session=
Jan 18 11:09:46 test dovecot: imap-login: Login: 
user=, method=PLAIN, rip=50.59.230.47, 
lip=104.207.147.73, mpid=25477, TLS, session=
Jan 18 11:09:48 test dovecot: imap-login: Login: 
user=, method=PLAIN, rip=50.59.230.47, 
lip=104.207.147.73, mpid=1200, TLS, session=
Jan 18 11:10:57 test smtpd[12445]: smtp-in: New session dd59f089fd7293d5 
from host 50.59.230.47 [50.59.230.47]
Jan 18 11:10:57 test smtpd[12445]: smtp-in: Failed command on session 
dd59f089fd7293d5: "MAIL FROM: SIZE=412" => 
530 5.5.1 Invalid command: Must issue an AUTH command first


$ openssl s_client -connect test.pettijohn-web.com:25 -starttls smtp
CONNECTED(0003)
ehlo example.com
depth=0 C = US, ST = Texas, L = Alvin, CN = test.pettijohn-web.com, 
emailAddress = ed...@pettijohn-web.com

verify error:num=18:self signed certificate
verify return:1
depth=0 C = US, ST = Texas, L = Alvin, CN = test.pettijohn-web.com, 
emailAddress = ed...@pettijohn-web.com

verify return:1
---
Certificate chain
 0 
s:/C=US/ST=Texas/L=Alvin/CN=test.pettijohn-web.com/emailAddress=ed...@pettijohn-web.com

i:/C=US/ST=Texas/L=Alvin/CN=test.pettijohn-web.com/emailAddress=ed...@pettijohn-web.com
---
Server certificate
-BEGIN CERTIFICATE-
a lot of output you don't want to see
-END CERTIFICATE-
subject=/C=US/ST=Texas/L=Alvin/CN=test.pettijohn-web.com/emailAddress=ed...@pettijohn-web.com
issuer=/C=US/ST=Texas/L=Alvin/CN=test.pettijohn-web.com/emailAddress=ed...@pettijohn-web.com
---
No client certificate CA names sent
---
SSL handshake has read 2392 bytes and written 541 bytes
---
New, TLSv1/SSLv3, Cipher is ECD