Jason Hirsh via dovecot skrev den 2024-06-06 14:32:
The logs show
imap-login: Disconnected: Connection closed: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): user=<>, rip=69.142.122.175, lip=209.160.65.133, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<g2nj8CsalMtFjnqv>
ssl_ca = </usr/local/etc/ssl/openssl/theoceanwindow.com/ca_bundle.crt ssl_cert = </usr/local/etc/ssl/openssl/theoceanwindow.com/certificate.crt ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it
/etc/dovecot/conf.d/10-ssl.conf:ssl_cert = </etc/letsencrypt/live/yourdomainhere/fullchain.pem /etc/dovecot/conf.d/10-ssl.conf:ssl_key = </etc/letsencrypt/live/yourdomainhere/privkey.pem
try LE
mx ~ # doveconf -d | grep cipher ssl_cipher_list = ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH ssl_cipher_suites = ssl_prefer_server_ciphers = no
i keep above defaults