3

I am trying to configure TLS on my mail server (postfix+dovecot on debian).

But whenever I try to send via StartTLS, I've got this error message

telnet localhost 25
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 Vulcan0.hijackedbrain.com ESMTP Postfix (Debian/GNU)
starttls
454 4.7.0 TLS not available due to local problem

Here is my main.cf postfix, especially TLS parameters

# TLS parameters
smtpd_tls_cert_file=/etc/postfix/myCert.cert
smtpd_tls_key_file=/etc/postfix/RSA.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_tls_security_level = encrypt
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_loglevel = 3
smtpd_tls_auth_only = yes

I checked the certificate using openssl verify. It seems OK.

Any help would be appreciated. Thanks

masegaloeh
  • 18,236
  • 10
  • 57
  • 106
aramir
  • 101
  • 1
  • 1
  • 6
  • Most frequent cause is the lack of permissions to read the key/cert files. – Kondybas Dec 29 '14 at 17:40
  • I think I just found it. I generated a new certificate without password. And now it works. – aramir Dec 29 '14 at 17:44
  • If you have your solution, please answer your own question so that the question will no longer show up as unanswered. – Reaces Dec 29 '14 at 17:50
  • Don't forget to [accept the answer](http://serverfault.com/help/accepted-answer) below after 2 days so the readers know that the solution is works – masegaloeh Dec 29 '14 at 21:39

1 Answers1

2

So... I regenerated a new certificate and auto signed it. But this time WITHOUT a password. And now, it works!

aramir
  • 101
  • 1
  • 1
  • 6