Did you know LQ has a Linux Hardware Compatibility List?
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 01-02-2006, 10:05 PM   #1
Registered: Mar 2005
Posts: 59

Rep: Reputation: 15
postfix gives me tls handshake failure

i have (tried to) configure postfix to relay mail to a gmail email account. Gmail requires ssl. i found through research tls == ssl. So i configured tls (and everything else for that matter) at i continually get a handshake failure from looking like this:
delivery via[]: Cannot start TLS: handshake failure

where do i look for success? to configure my certificates i created the following script (because i was doing it so much):

#remove all previous files
rm -rf FOO* demoCA &&
/etc/ssl/misc/ -newca &&
openssl req -new -nodes -keyout FOO-key.pem -out FOO-req.pem -days 3650 &&
openssl ca -out FOO-cert.pem -infiles FOO-req.pem &&
cp FOO-cert.pem FOO-key.pem demoCA/cacert.pem /etc/postfix &&
cp demoCA/cacert.pem /etc/postfix &&
chmod +644 /etc/postfix/FOO-cert.pem /etc/postfix/cacert.pem &&
chmod +400 /etc/postfix/FOO-key.pem &&
postfix reload &&
echo "success" ||
echo "failure"

and the tls part of looks like this:

#tls for smtp
smtp_enforce_tls = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/FOO-cert.pem
smtp_tls_key_file = /etc/postfix/FOO-key.pem
smtp_tls_recieved_header = yes
smtp_tls_session_cache_database = btree:/var/run/smtp_tls_session_cache
smtp_use_tls = yes

#tls for smtpd (which i don't even use!!!!!!!!!!!)
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/FOO-cert.pem
smtpd_tls_key_file = /etc/postfix/FOO-key.pem
smtpd_tls_recieved_header = yes
smtpd_tls_session_cache_database = btree:/var/run/smtpd_tls_session_cache
smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

the rest of the added configuration follows the details in the above link...

thank you very much for *any* assistance in this matter


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Building Postfix with SASL + TLS mcd Linux - Networking 0 10-08-2005 09:43 PM
modem handshake!!! help!!!! novice_din Programming 1 02-11-2005 08:18 AM
RS 232 & Handshake Hugo Orlando Programming 1 08-03-2004 12:36 AM
Postfix SMTP Auth Failure pembo13 Linux - Networking 1 02-09-2004 09:08 AM
qpopper TLS/SSL Handshake failed: -1 frerotjs Linux - Software 0 07-15-2003 07:09 AM

All times are GMT -5. The time now is 05:26 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration