2.3.13: newly introduced TLS bug : tls_construct_server_key_exchange
Michal Hlavinka
mhlavink at redhat.com
Fri Jan 8 13:11:45 EET 2021
Hard to say without reproducer and more information, but I think it was
a downstream bug. There was configuration error in 2.3.13-1 build. I'm
not sure how exactly it could cause this error, but I did not see any
report for the new build so far.
On 07. 01. 21 17:31, Marius Schwarz wrote:
>
> Hi,
>
> since the update from 2.3.11 to 2.3.13 some clients generate this bug :
>
> TLS handshaking: SSL_accept() failed: error:141EC044:SSL routines:tls_construct_server_key_exchange:internal error
>
> As it looks for now, they use the old SSL approach on Ports 993 and 995.
>
> SSL Config says:
>
> ssl = yes
> ssl_cert = </etc/pki/tls/certs/exim.pem ( Lets Encrypt R3 based cert )
> ssl_key = </etc/pki/tls/private/exim.pem
> ssl_dh_parameters_length = 2048
> ssl_dh= </etc/dovecot/dh.pem
> ssl_cipher_list = PROFILE=SYSTEM
>
>
> OS: Fedora 32 X86_64
> Ext4 file storage on local disks
>
> Versions:
>
> dovecot-2.3.13-1.fc32.x86_64
> openssl-1.1.1i-1.fc32.x86_64
>
>
>
> best regards,
> Marius Schwarz
More information about the dovecot
mailing list