Topic: TLS error

[Mouse]

Hi.

One server can't send e-mail to one state server.
I test my server, and it also can't.
some week ago all works.
Time/date I checked - all ok.

this is what is in logs in both servers:

TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_195.13.215.166./STARTTLS_proto=TLSv1.2;_cipher=(NONE);/
2024-07-11 20:25:09.553116500 delivery 418: deferral:

Please give some advice where to dig.


p.s. When I put email delivery thru internet provider smtp server - all goes out.

[ReetP]

Server version?
Update status?
Debug logs?

[Mouse]

Hi

Version 10.1
all updates on

mails stand in Qmail message queue.

only error is -
2024-07-11 12:49:34.134670500 starting delivery 12463: msg 3222590988 to remote ******@lvm.lv
2024-07-11 12:49:51.667942500 delivery 12463: deferral: TLS_connect_failed:_error:14077410:SSL_routines:SSL23_GET_SERVER_HELLO:sslv3_alert_handshake_failure;_connected_to_195.13.215.166./STARTTLS_proto=TLSv1.2;_cipher=(NONE);/

[Jean-Philippe Pialasse]

please give output of

config show modSSL

config show qmail


the message says your server was not able to negociate a cipher with the remote server. 

[Mouse]

[root@server ~]# config show modSSL
modSSL=service
    CertificateChainFile=/home/e-smith/ssl.crt/chain.pem
    TCPPort=443
    access=public
    crt=/home/e-smith/ssl.crt/*******.crt
    key=/home/e-smith/ssl.key/*******.key
    status=enabled

[root@server ~]# config show qmail
qmail=service
    MaxMessageSize=99000000
    status=enabled

[Mouse]

Hi

This error is only sending to one site.
All other works. Also gmail accepts without problems.

They admin says that only from us not working. All other are sending to them without problem.

And this error is at least on 2 SME servers to this site.

SSL certificate is PositiveSSL from Sectigo Limited