Re: [exim] TLSv1 not supported ?

Top Page

Reply to this message
Author: basti
Date:  
To: exim-users
Subject: Re: [exim] TLSv1 not supported ?
Hello,
first of all some distribution use openssl and some use gnutls.
check this with 'exim -bV'

On 27.12.19 19:53, David Saez Padros via Exim-users wrote:
> Hi
>
> a remote server which was able to send us mail using
> P=esmtps X=TLSv1:DHE-RSA-AES256-SHA:256 , after upgrading to Exim 4.93 +
> OpenSSL 1.1.1d is no longer able to send mail to us, logging this error:
>
> (SSL_accept): error:14209102:SSL
> routines:tls_early_post_process_client_hello:unsupported protocol
>
> # openssl ciphers -v | awk '{print $2}' | sort | uniq
> SSLv3
> TLSv1
> TLSv1.2
> TLSv1.3
>
> and
>
> openssl_options = +no_sslv2 +no_sslv3
>
> looking at the logs there is no smtps connection with TLS lower than
> 1.2, is this something due to Exim configuration ?
>
> adding
>
> openssl_options = +no_sslv2 +no_sslv3 -no_tlsv1_1 -no_tlsv1
>
> seems to have no effect
>