Forgot to CC it. -------- Original Message -------- Subject: Re: TLS certificate Date: Fri, 06 Feb 2009 19:11:43 +0200 From: Tolga <to...@ozses.net> To: Patrick Ben Koetter <p...@state-of-mind.de>
On Fri, 6 Feb 2009 15:58:29 +0100, Patrick Ben Koetter <p...@state-of-mind.de> wrote: > * Tolga <to...@ozses.net>: >>> Here's your error: "unable to verify the first certificate". Did you > add your >>> CA certificate to your CA certificate store ca-bundles.crt (in your > case)? >>> >>> p...@rick >>> >> I just did that, restarted postfix, and when I did an openssl s_client >> -starttls smtp -CAfile /etc/ssl/certs/ca-certificates.crt -connect >> localhost:25, I got the below: >> > > ... > >> SSL handshake has read 1550 bytes and written 351 bytes >> --- >> New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA >> Server public key is 1024 bit >> Compression: NONE >> Expansion: NONE >> SSL-Session: >> Protocol : TLSv1 >> Cipher : DHE-RSA-AES256-SHA >> Session-ID: > 7F5D4F111580DC176FF265EEEA3C028BF973B796865BCC695ED7056A3A6EFA50 >> Session-ID-ctx: >> Master-Key: >> > 818D5B49C5CB09E8490FD03042774E97C5569A7FA39A2A77FB6E0A455B0A433CA9F6A4BA6CA15E0CABE22E2735D2B43E >> Key-Arg : None >> Start Time: 1233918080 >> Timeout : 300 (sec) >> Verify return code: 0 (ok) >> --- >> 250 DSN >> >> but I still can't use the new certificate :( > > Who can't use the certificate? I, when I try with Thunderbird from another location. Regards, /Tolga > > p...@rick > > -- > The Book of Postfix > <http://www.postfix-book.com> > saslfinger (debugging SMTP AUTH): > <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
