On 17/08/2020 12:51 Johannes Rohr <jorohr@gmail.com> wrote:
|Dear all,|
|a couple of days ago I upgraded our server from Ubuntu 18.04 to 20.04, thereby upgrading dovecot from 2.2.x to 2.3.x. |
|Since then, some older versions of apple's mail.app (bundled with el Capitano, released in 2016) no longer connect. When I turn on SSL debugging, I see:|
|Debug: SSL error: SSL_accept() failed: error:14209102:SSL routines:tls_early_post_process_client_hello:unsupported protocol imap-login: Debug: SSL error: SSL_accept() syscall failed: Invalid argument|
||
|Unfortunately, it doesn't reveal the name of the unsupported protocol. Also, what about the failed syscall? Does dovecot try and fail to open some file?|
|Here are the contents of /etc/dovecot/conf.d/10-ssl.conf:|
| ssl = yes ssl_cert = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/fullchain.pem ssl_key = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/key.pem ssl_ca = </etc/ssl/letsencrypt/idaweb-mail.rooot.de/ca.pem ssl_client_ca_dir = /etc/ssl/certs ssl_dh = </etc/dovecot/dh.pem |
|I would greatly appreciate any hints! |
|Cheers,|
|Johannes |
| |
||
You need to set
ssl_min_protocol = TLSv1.2 # or TLSv1
Aki