SSL errors after certificate renewal

Marc Marc at f1-outsourcing.eu
Tue Sep 7 22:24:11 EEST 2021



nothing comenting about more knowledgable, but ssl3 nobody uses. it is even adviced not to use tls 1.1 and below


> Separate subject, but couldn't help but notice, SSL3 is being used?
> Wasn't SSL3 retired because of POODLE exploits? Can someone more
> knowledgeable confirm?
> 
> 
> On 9/7/21 11:05, Steve Dondley wrote:
> 
> 
> 	On 2021-09-07 01:25 PM, Amol Kulkarni wrote:
> 
> 		Hello,
> 
> 
> 		After I replaced my certificate with a new one yesterday, I'm
> seeing some ssl related errors. There are successful pop/imap logins
> using SSL also. So I think the certificate in itself is fine. No user
> has complained as yet, so I don't know for sure. However the count of
> errors has surely increased after installing the new certificate.
> 		There are 2 errors seen :
> 		dovecot: imap-login: Disconnected (no auth attempts in 1
> secs): user=<>, rip=, lip
> 		=, TLS handshaking: SSL_accept() failed: error:14094416:SSL
> routines:SSL3_READ_BYTES:sslv3 alert certificate unknown: SSL alert
> number 46, session=<9m0AnVnL
> 		2pHf4hso>
> 
> 
> 		dovecot: imap-login: Disconnected (no auth attempts in 0
> secs): user=<>, rip=, lip
> 		=, TLS: SSL_read() failed: error:14094412:SSL
> routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number
> 42, session=<ww/b6VfLmeR7yTog>
> 
> 		Kindly help with some pointers.
> 
> 		Thanks and Regards,
> 		Amol
> 
> 	I assume you tried restarting dovecot, but just in case...



More information about the dovecot mailing list