problem with client using TLS
ratatouille
ratatouille at bitclusive.de
Sat Jul 18 13:33:23 EEST 2020
Hello!
On my testserver running CentOS8 I have installed dovecot v2.3.8.
I can connect to the server using claws-mail on my PC but can't
using K9-mail on android device.
Jul 18 12:24:57 imap-login: Debug: SSL: where=0x10, ret=1: before SSL initialization
Jul 18 12:24:57 imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization
Jul 18 12:24:57 imap-login: Debug: SSL: where=0x2002, ret=-1: before SSL initialization
Jul 18 12:24:57 imap-login: Debug: SSL: where=0x2002, ret=-1: before SSL initialization
Jul 18 12:24:57 imap-login: Debug: SSL: where=0x2001, ret=1: before SSL initialization
Jul 18 12:24:57 imap-login: Debug: SSL alert: where=0x4008, ret=582: fatal protocol version
Jul 18 12:24:57 imap-login: Debug: SSL: where=0x2002, ret=-1: error
Jul 18 12:24:57 imap-login: Debug: SSL error: SSL_accept() failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol
Jul 18 12:24:57 imap-login: Info: Disconnected (no auth attempts in 0 secs): user=<>, rip=87.182.44.142, lip=185.84.81.115, TLS handshaking: SSL_accept() failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol, session=<uppwr7SqrrpXtiyO>
Jul 18 12:24:57 imap-login: Debug: SSL error: SSL_accept() syscall failed: Invalid argument
Tried different settings without luck.
grep -v '^#' 10-ssl.conf
ssl = yes
ssl_cert = </etc/letsencrypt/live/smtp.dualbit.de/fullchain.pem
ssl_key = </etc/letsencrypt/live/smtp.dualbit.de/privkey.pem
ssl_dh = </etc/dovecot/dh.pem
ssl_min_protocol = TLSv1.2
ssl_cipher_list = PROFILE=SYSTEM
ssl_prefer_server_ciphers = yes
Can somebody help solving this?
Kind regards
Andreas
More information about the dovecot
mailing list