Re: 6.9 regression: opensmtpd complains "smtp cert-check result=\"no certificate presented\""

Harald Dunkel Mon, 21 Jun 2021 08:10:07 -0700

PS: The peer is very picky wrt TLS, thats why this is an
important problem. The peer log file shows


        :
        Diagnostic-Code: X-Postfix; TLS is required, but was not offered by host
            mail.example.de[10.145.142.10]
        Return-Path: <xxx...@posteo.de>
        Received: from mout01.posteo.de (unknown [10.0.0.65])
                by mout01.posteo.de (Postfix) with ESMTPS id CDAFB1A014F
                for <jupp.schm...@example.com>; Mon, 21 Jun 2021 10:31:44 +0200 
(CEST)
        :

So how comes that my MTA suddenly does not offer TLS, even though the
listen lines say

        xname = "mail.example.de"

        pki $xname cert "/etc/ssl/public/mail.example.de.chain.pem"
        pki $xname key "/etc/ssl/private/smtpd.key.pem"
        pki $xname dhe auto

        listen on lo0           tls pki $xname
        listen on internal      tls pki $xname
        listen on external      tls pki $xname


Regards
Harri

Re: 6.9 regression: opensmtpd complains "smtp cert-check result=\"no certificate presented\""

Reply via email to