Hello,
I renew CA and certificate with the following procedure:
sudo -i -u zimbra
/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr deployca
/opt/zimbra/bin/zmcertmgr createcrt -new -days 365
/opt/zimbra/bin/zmcertmgr deploycrt self
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
zmcontrol restart
After that, I'm not able to connect to external POP3 account I was able to connect before.
All domains from same remote server.
But from other server all seems working well.
Zimbra error is:
zimbra unable to connect to pop3 server. encrypted connection failed Please check the SSL certificate on the external server
On remote server:
Feb 19 15:44:05 230 dovecot: pop3-login: Disconnected: Connection closed: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): user=<>, rip=*.*.*.*, lip=*.*.*.*, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<YKYfIL0ROGyXBDgi>
OpenSSL works:
openssl s_client -connect host.domain.it:995 -starttls pop3
CONNECTED(00000003)
Is it possible Zimbra cached remote server SSL certificate?
Anyone can help?
I renew CA and certificate with the following procedure:
sudo -i -u zimbra
/opt/zimbra/bin/zmcertmgr createca -new
/opt/zimbra/bin/zmcertmgr deployca
/opt/zimbra/bin/zmcertmgr createcrt -new -days 365
/opt/zimbra/bin/zmcertmgr deploycrt self
/opt/zimbra/bin/zmcertmgr viewdeployedcrt
zmcontrol restart
After that, I'm not able to connect to external POP3 account I was able to connect before.
All domains from same remote server.
But from other server all seems working well.
Zimbra error is:
zimbra unable to connect to pop3 server. encrypted connection failed Please check the SSL certificate on the external server
On remote server:
Feb 19 15:44:05 230 dovecot: pop3-login: Disconnected: Connection closed: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): user=<>, rip=*.*.*.*, lip=*.*.*.*, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<YKYfIL0ROGyXBDgi>
OpenSSL works:
openssl s_client -connect host.domain.it:995 -starttls pop3
CONNECTED(00000003)
Is it possible Zimbra cached remote server SSL certificate?
Anyone can help?
Statistics: Posted by blueberry24 — Mon Feb 19, 2024 9:46 pm