[Pkg-openssl-devel] Bug#573748: Bug#573748: libssl0.9.8: unknown message digest algorithm error in postfix
Richard van den Berg
richard at vdberg.org
Sun Mar 14 12:04:23 UTC 2010
On 14-3-10 12:31 , Kurt Roeckx wrote:
> Can you reproduce it using an s_server and s_client?
Nope, that all seems to work just fine. Maybe a starttls works a little
different than a straight SSL connection? Port 465 of postfix works just
fine as well.
# openssl s_server -cert /etc/ssl/certs/postfix.pem -CAfile
/etc/ssl/certs/vdberg.org.ca.pem
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMBBAIAOQQgHDCxbWFXYH/8JtyGH9/S2nnkTG4wpNZAh13Biab0mRsE
MLFHd4rP2l5k+JTGo5isIDQw5zMV7M9m996pSTVf0uh8DJLIr1FPF6f7UQXuZyor
p6EGAgRLnM8IogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared
ciphers:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5
CIPHER is DHE-RSA-AES256-SHA
$ openssl s_client -connect vdberg.org:4433
CONNECTED(00000003)
depth=1
/O=vdberg.org/emailAddress=hostmaster at vdberg.org/L=Voorburg/ST=Zuid-Holland/C=NL/CN=vdberg.org
private CA
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
0 s:/C=NL/ST=Zuid-Holland/O=vdberg.org/CN=mx.vdberg.org
i:/O=vdberg.org/emailAddress=hostmaster at vdberg.org/L=Voorburg/ST=Zuid-Holland/C=NL/CN=vdberg.org
private CA
1
s:/O=vdberg.org/emailAddress=hostmaster at vdberg.org/L=Voorburg/ST=Zuid-Holland/C=NL/CN=vdberg.org
private CA
i:/O=vdberg.org/emailAddress=hostmaster at vdberg.org/L=Voorburg/ST=Zuid-Holland/C=NL/CN=vdberg.org
private CA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICUzCCAbwCAQEwDQYJKoZIhvcNAQELBQAwgZIxEzARBgNVBAoTCnZkYmVyZy5v
cmcxJDAiBgkqhkiG9w0BCQEWFWhvc3RtYXN0ZXJAdmRiZXJnLm9yZzERMA8GA1UE
BxMIVm9vcmJ1cmcxFTATBgNVBAgTDFp1aWQtSG9sbGFuZDELMAkGA1UEBhMCTkwx
HjAcBgNVBAMTFXZkYmVyZy5vcmcgcHJpdmF0ZSBDQTAeFw0wNzAyMTMxMzA4NTJa
Fw0xNzAyMTAxMzA4NTJaMFExCzAJBgNVBAYTAk5MMRUwEwYDVQQIEwxadWlkLUhv
bGxhbmQxEzARBgNVBAoTCnZkYmVyZy5vcmcxFjAUBgNVBAMTDW14LnZkYmVyZy5v
cmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJIfXJNNnWIFG8dhrU0qn2cQ
tBsQTHHdmSTn1991Z4TPkiYotp1jJYlYkSh4ags4niyVz4aClCqIsB619CDSKZKc
SbLMI77+5a+/nvfQ7C91G0Lmcy02AFe4CRILKFpWXv5U59fPgOnPuQuNGoM3Q1DF
c2zOscUZtcuUVe87ZSm5AgMBAAEwDQYJKoZIhvcNAQELBQADgYEAmG4SJ57m0Icq
7XxJZWJGcKj/xm/GnZyYM0SkLeR6uMW9aJIQcXs1AAtF1RKCqEw2abnxn642OEqt
8OZUt6ZfUCrhUCQ3KUM/OJQGX7s0z1V9Y7yo0DxRCHTx7TUJBlCMO2MQN/dHbIMP
MrUYu7d7lIc1TJ08W4yEjZ+42RyfI2E=
-----END CERTIFICATE-----
subject=/C=NL/ST=Zuid-Holland/O=vdberg.org/CN=mx.vdberg.org
issuer=/O=vdberg.org/emailAddress=hostmaster at vdberg.org/L=Voorburg/ST=Zuid-Holland/C=NL/CN=vdberg.org
private CA
---
No client certificate CA names sent
---
SSL handshake has read 1976 bytes and written 255 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID:
1C30B16D6157607FFC26DC861FDFD2DA79E44C6E30A4D640875DC189A6F4991B
Session-ID-ctx:
Master-Key:
B147778ACFDA5E64F894C6A398AC203430E73315ECCF66F7DEA949355FD2E87C0C92C8AF514F17A7FB5105EE672A2BA7
Key-Arg : None
Start Time: 1268567816
Timeout : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)
---
More information about the Pkg-openssl-devel
mailing list