Jump to content
Froxlor Forum
  • 0

eMail with TLS/SSL - ssl_error_rx_record_too_long

Spacey

Asked by Spacey,

Question

Spacey Rookie

Spacey

Posted
Posted

Hi,

 

ATM I'm really thinking I'm totally stupid - I don't get it :)

 

On my actual debian box everything is OK with eMail (pop3/imap) and TLS/SSL - self signed. But now on a completely new debian squeeze system install I can't get it to work. In my test-eMail client "Postbox" I get this:

 

 

Ein Fehler ist w?hrend einer Verbindung mit my.server.de:143 aufgetreten.
SSL hat einen Eintrag erhalten, der die maximal erlaubte L?nge ?berschritten hat.
(Fehlercode: ssl_error_rx_record_too_long)

 

I tried to create SSL certs after these manuals:

One

 

Two

Three

 

and I guess 1-2 more. Nothing works, always the same.

 

I even re-created the courier certs but the :143 is IMAP - within the client I've set up pop3 with SSL?! Trying with Thunderbird using these autodetect features it won't allow me TLS/SSL but only STARTTLS - remember on my other debian froxy box it works flawless with TLS/SSL!? Using Apple's mail.app it's getting really crazy: Sometimes it works but then suddenly not?!

 

More interesting stuff: Nothing can be found within the logs...

 

So before I start to post here all my configs I'm asking for a link to a *good* tutorial how to setup self signed certs for Postfix... can anyone please help me here?! :)

 

Thanks a lot! rolleyes.gif

Link to comment
Share on other sites

3 answers to this question

Recommended Posts

hedo Rookie

hedo

Posted
Posted

I have so:

 

smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/ssl/xxxxx.key.unencrypted
smtpd_tls_cert_file = /etc/ssl/xxxxxxx.crt
smtpd_tls_CAfile = /etc/ssl/xxxxxx.crt
smtpd_tls_loglevel = 0
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

Link to comment
Share on other sites
Spacey Rookie

Spacey

Posted
  • Author
Posted

Hi!

Yea.... that's the section within the config. The tricky thing is just how to *correctly* create all the needed certs & stuff.... I read & tried several tutorials and all are different....

 

ATM it seems like openssl is also messed up a bit after creating a new CA within one tutorial - already tried to re-install openssl but no luck so far.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to question listing


×
×
  • Create New...