Re: [exim] SSL/TLS connections not possible (Urgent)

Top Page
Delete this message
Reply to this message
Author: Chris Lear
Date:  
To: exim
Subject: Re: [exim] SSL/TLS connections not possible (Urgent)
* Yves Goergen wrote (17/05/06 11:42):
> Hello,
>
> I've set up our new web server and just replaced the old one with it.
> Everything's working fine, except that Exim doesn't accept SSL or TLS
> connections. With SSL connections on port 465, Thunderbird says
> immediately that it could not connect. With TLS on port 25, it takes
> forever for the same message. Without TLS/SSL, the mails can be sent
> just fine. Exim is running as "mail" and listening on both ports 25 and
> 465. It has read access to the server's SSL certificate (the same as on
> the old server, where it still worked).
>
> Here's what Exim puts in its mainlog:
>
> 2006-05-17 12:34:28 TLS error on connection from
> p54942341.dip0.t-ipconnect.de ([192.168.0.2]) [84.148.35.65]
> (SSL_accept): Not Implemented


This looks like it's coming from line 701 in tls-openssl.c (reproduced
here with some context)

rc = SSL_accept(ssl);
alarm(0);

if (rc <= 0)
  {
  if (sigalrm_seen) Ustrcpy(ssl_errstring, "timed out");
    else ERR_error_string(ERR_get_error(), ssl_errstring);
  log_write(0, LOG_MAIN, "TLS error on connection from %s (SSL_accept): %s",
    (sender_fullhost != NULL)? sender_fullhost : US"local process",
    ssl_errstring);
  return FAIL;
  }


The "Not Implemented" looks like it's coming from an openssl error.

I don't know what to do to fix it, I'm afraid, but I would do some
openssl debugging if possible.

Chris