Re: [exim] TLS client disconnected cleanly (rejected our cer…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Arkadiusz Miskiewicz
Date:  
À: exim-users
Sujet: Re: [exim] TLS client disconnected cleanly (rejected our certificate?) - intermediate ssl certificate problem?
On Monday 23 of May 2011, Heiko Schlittermann wrote:
> Arkadiusz Miskiewicz <arekm@???> (Mon May 23 10:52:11 2011):
> > I've replaced rapidssl cert recently with new one. rapidssl started to
> > use intermediate certificate. Unfortunately I'm getting in smtp server
> > logs (exim 4.76):
> >
> > (SSL_accept): error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
> > certificate
> > 2011-05-23 10:42:57 TLS client disconnected cleanly (rejected our
> > certificate?)
> >
> > tls_certificate points to a file which contains 3 certificates:
> >
> > - cert for my domain issued by: Issuer: C=US, O=GeoTrust, Inc.,
> > CN=RapidSSL CA
> >
> > - intermediate cert:
> >         Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
> >         Subject: C=US, O=GeoTrust, Inc., CN=RapidSSL CA

> >
> > - third cert:
> >         Issuer: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
> >         Subject: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA

> >
> > in exactly that order.
> >
> > tls_privatekey points to a file with private key.
> >
> > The question is why "alert bad certificate" comes up if everything looks
> > fine, all intermediate certs are provided etc?


>
> May be you can tell us how to connect the server you're talking about, some
> of the problems can be detected from outside.


It's smtp-arm.beep.pl

-- 
Arkadiusz Miśkiewicz        PLD/Linux Team
arekm / maven.pl            http://ftp.pld-linux.org/