Author: Evgeniy Berdnikov Date: To: exim-users Subject: Re: [exim] Delay on exim send increases with uptime
Hi.
On Thu, Jan 30, 2020 at 09:01:24PM -0500, Holden Rohrer via Exim-users wrote: > an exim problem with openssl on the server, and it returned an error about
> being unable to verify because it was "unable to get local issuer certificate."
Looks like you have no root CAs installed in your system.
> Exim is showing a similar error in the following logs created after I sent a few test email>s:
> >2020-01-31 00:49:11 1ixKUh-0002AG-3H <= hr@??? H=c-24-98-121-158.hsd1.ga.comcast.net (bruh-moment.localdomain) [24.98.121.158] P=esmtpsa X=TLS1.3:TLS_AES_256_GCM_SHA384:256 CV=no A=PLAIN:hr S=568
> >id=20200131004903.GA40254@???
> >2020-01-31 00:52:23 1ixKUh-0002AG-3H [172.217.197.27] SSL verify error: depth=1 error=unable to get local issuer certificate cert=/C=US/O=Google Trust Services/CN=GTS CA 1O1
Typically 30-60s delays are due to waits for DNS responses. Check your DNS
environment: contents of /etc/resolv.conf, name servers operation, etc.
You can also run "strace -Tfp <exim_daemon_pid>" to look which syscalls
lead to those delays.
--
Eugene Berdnikov