LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page qmail and SSL: handshake failure:s23_lib.c:188
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 09-22-2009, 09:57 PM   #1
lucmove
Senior Member
 
Registered: Aug 2005
Location: Brazil
Distribution: Debian
Posts: 1,432

Rep: Reputation: 110Reputation: 110
qmail and SSL: handshake failure:s23_lib.c:188

Can someone help me fix this? I want to enable SSL on my qmail server, by far the most secure and difficult to configure MTA in the world. I followed these instructions and pop3 is working, only SMTP is being difficult: I can't send any test message with Kmail. Granted, Kmail doesn't help much either, but I test the connection with my server and get an error:

Code:
[213-0]~> openssl s_client -crlf -starttls smtp -connect mydomain.com:465                                                  ~
CONNECTED(00000003)
didn't found starttls in server response, try anyway...
16174:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:

[214-0]~> openssl s_client -crlf -starttls smtp -connect mydomain.com:25                                                   ~
CONNECTED(00000003)
didn't found starttls in server response, try anyway...
16191:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
I have googled that and similar error messages, but can't reach any useful conclusion. I have also tried many sample configurations posted in old discussions. This is tough stuff.
 
Old 10-09-2009, 05:55 AM   #2
Granon
LQ Newbie
 
Registered: Oct 2009
Location: London
Distribution: Redhat & Fedora
Posts: 4

Rep: Reputation: 0
Sorry I can't help you with configuring qmail.

However your use of s_client for testing is slightly off.

IIRC port 465 is intended to be SMTP over an SSL connection, not tcp with starttls. So instead you'd need to run:
Code:
openssl s_client -crlf -connect mydomain.com:465
Also you could add the "-debug" flag to have an idea about what's happening, both attempts were seemingly complaining that the service hadn't advertised starttls.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure Carpo Slackware 1 07-10-2007 08:46 AM
could not complete SSL handshake - nagios kiruthika Linux - Software 2 07-10-2007 12:22 AM
Linux and SSL Handshake jmarmol Linux - Security 3 02-16-2007 10:27 AM
up2date SSL handshake problem kamii47 Red Hat 1 04-21-2005 03:16 PM
qpopper TLS/SSL Handshake failed: -1 frerotjs Linux - Software 0 07-15-2003 07:09 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 12:38 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration