What client are you trying to use?

What's in the error log above and below that line? Have you tried to bump up the logging level by uncommenting the debug constants after the use IO::Socket::SSL line?

When I did that I found that the issue I was having (this was with plain old tcpserver, YMMV) was that client and server couldn't agree on a cipher - qpsmtpd is restricted to openssl's "HIGH" quality ciphers by default. To change this check out the qpsmtpd-0.3x branch with a revision > 663 and modify config/tls_ciphers. For example, I have:
  # for available ciphers and format, see:
  #    http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS
  # versamail 3.x requires either RC4-MD5 or RC4-SHA
  # openssl default is "DEFAULT", but qpsmtpd uses "HIGH" as default
  HIGH:RC4-SHA:RC4-MD5

But this was determined by painstakingly determining which cipher versamail needed. Your best bet is to change that to "ALL", and see if that works (if it doesn't, it's something else altogether). See http://www.nntp.perl.org/group/perl.qpsmtpd/5584 and followups for more.

But again, with the IO::Socket::SSL debug stuff enabled, you should see something useful above or near the mysterious "Could not create SSL socket" error which should send you down the right path in all cases.

Good luck & let us know what you find.
Brian

On Oct 6, 2006, at 3:21 PM, Ed McLain wrote:

Ok.. Now that I have everything working with apache and qpsmtpd I'm
wanting to throw tls into the mix as well. I've got the certs and keys
built, however, when I issue a STARTTLS command I get the following:

250-PIPELINING
250-8BITMIME
250 STARTTLS
STARTTLS
220 Go ahead with TLS
500 TLS Negotiation Failed
quit

and I get this in the apache error log:
TLS failed: Could not create SSL socket: at /home/smtpd/qpsmtpd//plugins/tls line 98.


Is there an issue with trying to create an SSL socket inside apache? Does
anybody have this working?

Thanks,
Ed

