openssl s_client для хост-порта 587 нет соединения с определенным сервером - PullRequest
Новая
       167

openssl s_client для хост-порта 587 нет соединения с определенным сервером

0 голосов
/ 06 августа 2020

Я застрял с этой проблемой несколько дней ...

Я пытаюсь исправить некоторые проблемы ssl smtp на сервере otrs (скажем, на сервере электронной почты).

Я отказался от на данный момент тесты конфигурации postfix, потому что я даже не могу получить правильное ssl-соединение с ssl0.ovh. net сервером с помощью этой команды: 

me@troubled-server $ openssl s_client -connect ssl0.ovh.net:587 -starttls smtp

CONNECTED(00000003)
Didn't find STARTTLS in server response, trying anyway...
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 337 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

Из моего Linux P C, я подключение нормально: 

tanat@lenovo ~ $ openssl s_client -connect ssl0.ovh.net:587 -starttls smtp

CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = ns0.ovh.net
verify return:1
---
Certificate chain
 0 s:OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = ns0.ovh.net
   i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
 1 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
   i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHhTCCBm2gAwIBAgIQFnM2tPve/sdlSsuZdTti+TANBgkqhkiG9w0BAQsFADCB
1CfZaxUPvbS6
-----END CERTIFICATE-----
subject=OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = ns0.ovh.net

issuer=C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-521, 521 bits
---
SSL handshake has read 4575 bytes and written 587 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES256-SHA384
    Session-ID: 5737000097DB9A4A
    Session-ID-ctx: 
    Master-Key: 0FC5E2B90E2D353F7437
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1596726359
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: yes
---
250 8BITMIME

Вот настройки OVH провайдера электронной почты:

ssl0.ovh.net / Protocole: SMTP / Port : 465 / Sécurité: SSL-TLS

Кстати, я пробовал оба порта 465 и 587.

Есть подсказка?

Ты был бы моим героем!

...