The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Errors

Discussion in 'General Discussion' started by glansing, Dec 22, 2006.

  1. glansing

    glansing Active Member

    Joined:
    Jun 3, 2003
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    6
    Anyone seen this? I've been trying to get Exim to present an SSL certificate and have been having more trouble than my old server.

    I copied the certificate to /etc/exim.crt and the private key to /etc/exim.key and restarted exim - thats all I had to do on my old box.

    Anyway, when trying to send mail (through Thunderbird) Exim presents a self-signed certificate that mirrors all the information of the signed one except for the issuer (GeoTrust). I can't seem to get it to consider it a GeoTrust signed certificate. Every service (pop3s, imaps, https) works fine with it.

    A friend tried to connect using Outlook and I witnessed the following errors in /var/log/exim_mainlog.

    Code:
    2006-12-22 17:31:18 SSL_write error 5
    2006-12-22 17:31:21 SSL_write error 5
    2006-12-22 17:31:38 SSL_write error 5
    2006-12-22 17:31:41 SSL_write error 5
    2006-12-22 17:32:23 TLS error on connection from [*******] (SSL_accept): error:00000000:lib(0):func(0):reason(0)
    2006-12-22 17:32:54 SSL_write error 5
    2006-12-22 17:32:57 SSL_write error 5
    
    Running 10.9.0-C114, exim-4.63-1_cpanel_maildir

    Any thoughts?
     
  2. glansing

    glansing Active Member

    Joined:
    Jun 3, 2003
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    6
    Update:

    Occassionally this message appears in the logs:

    2006-12-24 16:33:32 TLS error on connection from [xxxxxx] (SSL_accept): error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

    I've tried to tell Exim where to look for the CA via 'tls_verify_certificates' but that had no effect. Has anyone else had this issue?

    The GeoTrust CA (Equifax Secure) is installed and apparently working. I get no SSL errors with POP/IMAP or HTTP.

    This shed any light?
     
Loading...

Share This Page