On 15-3-10 16:49 , Quanah Gibson-Mount wrote:
We use self-signed certs with Postfix, and StartTLS on port 25 works just fine. Postfix is linked against OpenSSL 0.9.8m for us.
Is the signature algorithm of your cert sha256WithRSAEncryption ? It looks like there is a bug in postfix where this algorithm is no longer supported when 0.9.8m is used. Apparently postfix does not call SSL_library_init() / OpenSSL_add_ssl_algorithms(), see http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573748 and http://marc.info/?l=openssl-dev&m=126925010314573&w=2
Richard
