[Pkg-openssl-devel] Bug#843603: Bug#843603: Bug#843603: openssl fails on sid version to handshake with tls_1.2 to postfix echos ssl_errors
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Fri Nov 11 19:43:09 UTC 2016
On 2016-11-11 19:21:26 [+0100], sternasky wrote:
> Hello,
Hi,
> after some analysis i found infos about php security changes after
> 5.6,7.0.12.2
>
> Self Signed Certs like
>
> SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
> SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
>
> which are set to CN localhost are blocked by postfix from PHP Mailers
> like Roundcube.. Errors often are seen:
>
> .. ssl cert not accepted or SSLv3 Error..
They might be blocked because PHP can't verify the cert chain. SSLv3 is
disabled in stable+ so this won't work. So far it does not look like a
openssl bug.
For localhost connections you could skip the SSL link.
> Thanks..
> www.linuxonlinehelp.de
Sebastian
More information about the Pkg-openssl-devel
mailing list