Am 15.04.2013 13:57, schrieb Joan Moreau: > Le 15/04/2013 10:24, Charles Marcus a écrit : > Roll back to the previous kernel. > > Seriously. If you updated the kernel but didn't keep the last known > good/working one, then hopefully you have learned why doing this is such > a good idea and will do so in the future. > > Reverted to 3.7.10. Recompiled openssl + cyrus + posfix . Same errors. Where > does the inconsistency reside ? > > 2013-04-15T13:55:29.921960+02:00 server postfix/smtpd[3308]: warning: TLS > library problem: 3308:error:1411C146:SSL > routines:tls1_prf:unsupported digest type:t1_enc.c:276: > 2013-04-15T13:55:29.921966+02:00 server postfix/smtpd[3308]: warning: TLS > library problem: 3308:error:140D308A:SSL > routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable:t1_enc.c:597
for me this sound like you are doing "configure && make && make install" well this does not cleanup all garbage, doing so repeatly let's as example fail mysql to compile at all this is why things like "rpmbuild" was invited, they are working in a predictable and clean buildroot and with the resulting binaries you can predictable downgrade/upgrade packages and since dependencies for libraries and APIs are automatically injected in the RPM packages you normally recognize a binary incompatible update because RPM refuse to install the package additionally NOBODY builds his binaries on the production machine and fires "make install", NOBODY - this has to be done on a testmachine and if the binary package works there you minimize the risk i know that this does not help you very much now but that should be what you learned the hardway by brick a production environement without take care how to make sure updates are working however, this is not a postfix-problem, this is revenge of bad practice
signature.asc
Description: OpenPGP digital signature
