James B. Byrne:
[ Charset ISO-8859-1 converted... ]
>
>
> On Mon, December 21, 2020 13:46, Wietse Venema wrote:
> > James B. Byrne:
> >> > Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: warning: TLS library
> >> problem:
> >> > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
> >> > unknown:/usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert
> >> number
> >> > 46:
> >> > Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: lost connection after
> >> STARTTLS
> >> > from accounting-2.internal.harte-lyne.ca[192.168.216.88]
> >
> > Results from A web search suggest that this may be a certificate
> > verification problem.
>
> That is what I have been trying to confirm. And after a lot of poking around
> with Java's keystore/cacrets implementation I think that I have ruled that
> out:
>
> JAVA_VERSION="12" java
> -Djavax.net.ssl.trustStore=/opt/idempiere/idempiere-server/jettyhome/etc/keystore
> -Djavax.net.ssl.trustStorePassword=idempiere-2020-ksadmin SSLPoke
> 192.168.216.32 465
> Successfully connected
That proves nothing. This test uses port 465, but your Javamail is
connecting to port 25.
Also no need to turn on -v logging at all. It just makes the
problem harder to see: the client does not like the server
certifcate from the service on port 25.
Wietse
Wietse
