I have gotten to the point that the keystore used by the jetty application is
properly configured:
JAVA_VERSION="12" java
-Djavax.net.ssl.trustStore=/opt/idempiere/idempiere-server/jettyhome/etc/keystore
-Djavax.net.ssl.trustStorePassword=testing SSLPoke mx32.harte-lyne.ca 465
Successfully conne
On Mon, December 21, 2020 12:30, James B. Byrne wrote:
> I have gotten to the point that the keystore used by the jetty application is
> properly configured:
>
> JAVA_VERSION="12" java
> -Djavax.net.ssl.trustStore=/opt/idempiere/idempiere-server/jettyhome/etc/keystore
> -Djavax.net.ssl.trustSto
James B. Byrne:
> > Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: warning: TLS library problem:
> > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
> > unknown:/usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:1544:SSL alert
> > number
> > 46:
> > Dec 21 12:25:21 mx32 postfix-
On Mon, Dec 21, 2020 at 12:30:57PM -0500, James B. Byrne wrote:
> Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: warning:
> TLS library problem: error:14094416:SSL routines:ssl3_read_bytes:
> sslv3 alert certificate unknown:
> /usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:1544:
> SSL alert
On Mon, December 21, 2020 13:46, Wietse Venema wrote:
> James B. Byrne:
>> > Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: warning: TLS library
>> problem:
>> > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
>> > unknown:/usr/src/crypto/openssl/ssl/record/rec_layer_s3.c:154
On Mon, December 21, 2020 14:20, Viktor Dukhovni wrote:
>
> - The Postfix SMTP server is reporting an error from the underlying
> OpenSSL library.
> - That error is receipt of a fatal "SSL alert", i.e. a courtesy message
> from the *client* that it cannot complete the handshake, and is givi
James B. Byrne:
[ Charset ISO-8859-1 converted... ]
>
>
> On Mon, December 21, 2020 13:46, Wietse Venema wrote:
> > James B. Byrne:
> >> > Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: warning: TLS library
> >> problem:
> >> > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
>
On Mon, Dec 21, 2020 at 03:11:13PM -0500, James B. Byrne wrote:
> JAVA_VERSION="12" java
> -Djavax.net.ssl.trustStore=/opt/idempiere/idempiere-server/jettyhome/etc/keystore
> -Djavax.net.ssl.trustStorePassword=testing SSLPoke 192.168.216.32 465
This is largely a non-Postfix issue. You're strug
On Mon, December 21, 2020 15:22, Wietse Venema wrote:
> James B. Byrne:
> [ Charset ISO-8859-1 converted... ]
>>
>>
>> On Mon, December 21, 2020 13:46, Wietse Venema wrote:
>> > James B. Byrne:
>> >> > Dec 21 12:25:21 mx32 postfix-p25/smtpd[62565]: warning: TLS library
>> >> problem:
>> >> > err
James B. Byrne:
> >> JAVA_VERSION="12" java
> >> -Djavax.net.ssl.trustStore=/opt/idempiere/idempiere-server/jettyhome/etc/keystore
> >> -Djavax.net.ssl.trustStorePassword=idempiere-2020-ksadmin SSLPoke
> >> 192.168.216.32 465
> >> Successfully connected
> >
> > That proves nothing. This test uses
On Mon, December 21, 2020 15:42, Viktor Dukhovni wrote:
>
> This is largely a non-Postfix issue. You're struggling to configure and
> use some Java software, and this is not the forum for support with that.
I understand that. Java support is not what I am asking for. I am trying to
understa
Hi all,
I'm using multi-instance postfix and I want to relay messages from a given CIDR
block at a cloud provider, and I want to add a custom header.
I have this in main.cf:
cidr = cidr:${config_directory}/
smtpd_recipient_restrictions =
reject_non_fqdn_recipient
reject_unknown_recipient
Matthew Selsky:
> smtpd_relay_restrictions =
> permit_mynetworks
> check_client_access ${cidr}tag-cloud-email-providers.cidr
> permit_tls_clientcerts
> reject
>
> tag-cloud-email-providers.cidr contains:
> [...]
> 209.85.128.0/17 PREPEND X-Gmail-Tenant: TRUE
> [...]
The above allows a rec
On Tue, Dec 22, 2020 at 12:27:13AM +, Matthew Selsky wrote:
> I'm using multi-instance postfix and I want to relay messages from a
> given CIDR block at a cloud provider, and I want to add a custom
> header.
>
> I have this in main.cf:
> cidr = cidr:${config_directory}/
> smtpd_recipient_res
Dnia 21.12.2020 o godz. 16:33:57 James B. Byrne pisze:
> I have finally gotten to the point that the certificate errors are not the
> Java
> issue, or at least they should not be, since I can use Java and the keystore
> to
> successfully connect to Postfix, albeit on port 465.
If you are able to
On Tue, Dec 22, 2020 at 02:00:27AM +0100, Jaroslaw Rafa wrote:
> If you are able to connect via 465, then maybe the application just isn't
> designed to use "inline" TLS, but rather uses only SMTP-over-TLS? The latter
> is supported on port 465, while submission via port 587 requires first
> plain
Hi Viktor!
On Mon, Dec 21, 2020 at 07:52:49PM -0500, Viktor Dukhovni wrote:
> On Tue, Dec 22, 2020 at 12:27:13AM +, Matthew Selsky wrote:
>
> > I'm using multi-instance postfix and I want to relay messages from a
> > given CIDR block at a cloud provider, and I want to add a custom
> > header.
On Tue, Dec 22, 2020 at 03:23:56AM +, Matthew Selsky wrote:
> I want to allow the Cloud provider to be able to relay all email through
> postfix.
>
> Our setup is:
>
> cloud provider -> postfix gateway -> internet
>
> I want to add a header to the messages from this cloud provider so
> tha
18 matches
Mail list logo
