2.3.13: newly introduced TLS bug : tls_construct_server_key_exchange
Marius Schwarz
fedoradev at cloud-foo.de
Thu Jan 7 18:31:04 EET 2021
Hi,
since the update from 2.3.11 to 2.3.13 some clients generate this bug :
TLS handshaking: SSL_accept() failed: error:141EC044:SSL routines:tls_construct_server_key_exchange:internal error
As it looks for now, they use the old SSL approach on Ports 993 and 995.
SSL Config says:
ssl = yes
ssl_cert = </etc/pki/tls/certs/exim.pem ( Lets Encrypt R3 based cert )
ssl_key = </etc/pki/tls/private/exim.pem
ssl_dh_parameters_length = 2048
ssl_dh= </etc/dovecot/dh.pem
ssl_cipher_list = PROFILE=SYSTEM
OS: Fedora 32 X86_64
Ext4 file storage on local disks
Versions:
dovecot-2.3.13-1.fc32.x86_64
openssl-1.1.1i-1.fc32.x86_64
best regards,
Marius Schwarz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20210107/bb56e164/attachment-0001.html>
More information about the dovecot
mailing list