Hi!You said you didn’t change Postfix configuration. I’m pretty sure this is the issue. You configured the server to reject a connection not using TLS, so you need to tell the client to use it.
So what's the difference between a MAriaDB Client file and the various "tls_" settings in the connection.cf file
I was thinking about the MariaDB `ssl` setting, that enable TLS without validating server certificate. That setting isn’t documented in the link you provided, so I guess it can only be set in a MariaDB option file.
This being said, I’m not even sure the Postfix support that setting, and it is inherently insecure. So as Viktor said, just set tls_CAfile or tls_CApath, which should implicitly enable TLS.
I don’t know Postfix working as well as Viktor, but: - you made TLS mandatory server side - you claimed you didn’t change client configuration This cannot work. Regards, -- Étienne Miret https://etienne.miret.io/
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
