Я застрял с этой проблемой несколько дней ...
Я пытаюсь исправить некоторые проблемы ssl smtp на сервере otrs (скажем, на сервере электронной почты).
Я отказался от на данный момент тесты конфигурации postfix, потому что я даже не могу получить правильное ssl-соединение с ssl0.ovh. net сервером с помощью этой команды:
me@troubled-server $ openssl s_client -connect ssl0.ovh.net:587 -starttls smtp
CONNECTED(00000003)
Didn't find STARTTLS in server response, trying anyway...
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 337 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
Из моего Linux P C, я подключение нормально:
tanat@lenovo ~ $ openssl s_client -connect ssl0.ovh.net:587 -starttls smtp
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = ns0.ovh.net
verify return:1
---
Certificate chain
0 s:OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = ns0.ovh.net
i:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
1 s:C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
i:C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIHhTCCBm2gAwIBAgIQFnM2tPve/sdlSsuZdTti+TANBgkqhkiG9w0BAQsFADCB
1CfZaxUPvbS6
-----END CERTIFICATE-----
subject=OU = Domain Control Validated, OU = PositiveSSL Multi-Domain, CN = ns0.ovh.net
issuer=C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-521, 521 bits
---
SSL handshake has read 4575 bytes and written 587 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-SHA384
Server public key is 4096 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-SHA384
Session-ID: 5737000097DB9A4A
Session-ID-ctx:
Master-Key: 0FC5E2B90E2D353F7437
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1596726359
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
250 8BITMIME
Вот настройки OVH провайдера электронной почты:
ssl0.ovh.net / Protocole: SMTP / Port : 465 / Sécurité: SSL-TLS
Кстати, я пробовал оба порта 465 и 587.
Есть подсказка?
Ты был бы моим героем!