Re: [exim] Can't read SSL key/cert, how to debug?

Top Page
Delete this message
Reply to this message
Author: Evgeniy Berdnikov
Date:  
To: exim-users
Subject: Re: [exim] Can't read SSL key/cert, how to debug?
On Sat, Dec 20, 2014 at 07:40:31PM +0100, Yves Goergen wrote:
> >TLS error on connection from ... (gnutls_handshake): Could not negotiate a supported cipher suite.
>
> No matter whether I use STARTTLS on port 25 or implicit SSL on port 465. I
> made a test to show me the SSL certificate using this command:
>
> > openssl s_client -connect localhost:465
>
> And here's what it said:
>
> >CONNECTED(00000003)
> >139894382376608:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:

[...]
> What can be the cause of the problem and how could I resolve it?


Did you play with ssl/tls options? Did you restrict list of ciphers?
Try to run exim with debugging options, -d-all+tls first.
--
Eugene Berdnikov