Bug#459323: exim4: Incredimail problem sending email using Exim4 SMTP over SSL / TLS error on connection from [ip.ad.dr.ess] (gnutls_handshake): A TLS packet with unexpected length was received.
Simon Josefsson
simon at josefsson.org
Sun Jan 6 17:24:17 UTC 2008
"Andrew McGlashan" <andrew.mcglashan at affinityvision.com.au> writes:
> Hi,
Hi! Thanks for testing. I think we are getting closer...
> -cert /usr/share/ssl-cert/CAcert.pem \
> -key /usr/share/ssl-cert/ca.key \
> -CAfile /etc/ssl/certs/ca.pem
This seems weird. Do you have your server certificate in a file called
'CAcert.pem' and the server private key in a file called 'ca.key'?
I'd expect the first file to contain the CA certificate and the latter
file to contain the CA private key.
How does your exim TLS configuration look like? Is it really using the
same filenames?
> gnutls-serv --port 4465 --debug 4711 \
> --x509certfile /usr/share/ssl-cert/CAcert.pem \
> --x509keyfile /usr/share/ssl-cert/ca.key \
> --x509cafile /etc/ssl/certs/ca.pem
>
> www:~# gnutls-serv --port 4465 --debug 4711 \
>> --x509certfile /usr/share/ssl-cert/CAcert.pem \
>> --x509keyfile /usr/share/ssl-cert/ca.key \
>> --x509cafile /etc/ssl/certs/ca.pem
> Processed 1 CA certificate(s).
> |<2>| ASSERT: x509_b64.c:514
> |<2>| ASSERT: x509_b64.c:447
> |<2>| Could not find '-----BEGIN DSA PRIVATE KEY'
> |<2>| ASSERT: privkey.c:397
> |<2>| ASSERT: gnutls_x509.c:686
> |<2>| ASSERT: gnutls_x509.c:733
> Error reading '/usr/share/ssl-cert/CAcert.pem' or
> /usr/share/ssl-cert/ca.key'
> Error: Base64 decoding error.
Something seems wrong with these files, and I suspect they aren't what
the exim installation is using. So let's compare these filenames with
your exim installation before proceeding.
/Simon
More information about the Pkg-exim4-maintainers
mailing list