From owner-freebsd-current@FreeBSD.ORG  Fri Oct 22 01:38:39 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 723A116A4CE
	for <freebsd-current@FreeBSD.org>;
	Fri, 22 Oct 2004 01:38:39 +0000 (GMT)
Received: from carver.gumbysoft.com (carver.gumbysoft.com [66.220.23.50])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 602DD43D1D
	for <freebsd-current@FreeBSD.org>;
	Fri, 22 Oct 2004 01:38:39 +0000 (GMT)
	(envelope-from dwhite@gumbysoft.com)
Received: by carver.gumbysoft.com (Postfix, from userid 1000)
	id 5151772DD4; Thu, 21 Oct 2004 18:38:39 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by carver.gumbysoft.com (Postfix) with ESMTP id 4C74A72DCB;
	Thu, 21 Oct 2004 18:38:39 -0700 (PDT)
Date: Thu, 21 Oct 2004 18:38:39 -0700 (PDT)
From: Doug White <dwhite@gumbysoft.com>
To: Roman Kennke <roman@ontographics.com>
In-Reply-To: <1098367360.2123.8.camel@moonlight>
Message-ID: <20041021183638.B41366@carver.gumbysoft.com>
References: <1098367360.2123.8.camel@moonlight>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: freebsd-current@FreeBSD.org
Subject: Re: OpenSSL and Sendmail
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Oct 2004 01:38:39 -0000

On Thu, 21 Oct 2004, Roman Kennke wrote:

> since I upgraded to 5.3-RC1 (from 5.2.1) I have a problem with OpenSSL
> and Sendmail.
>
> I configured sendmail as described here:
>
> http://www.puresimplicity.net/~hemi/freebsd/sendmail.html
>
> This worked fine with 5.2.1
>
> Now, when I try to connect to the secure port 465, I get the following
> error in /var/log/maillog:
>
> Oct 21 16:01:10 box7954 sm-mta[33080]: STARTTLS=server:
> 33080:error:140BA0C3:SSL routines:SSL_new:null ssl
> ctx:/usr/src/crypto/openssl/ssl/ssl_lib.c:231:
> Oct 21 16:01:10 box7954 sm-mta[33080]: i9LE1Ak1033080:
> 1Cust147.vr1.dtm1.alter.net [149.229.96.147] did not issue
> MAIL/EXPN/VRFY/ETRN during connection to TLSMTA

Many TLS problems can be traced to defective or missing certificates. Are
you sure your certs are still valid (haven't expired, still readable,
somewhere where sendmail can find them, etc)?


-- 
Doug White                    |  FreeBSD: The Power to Serve
dwhite@gumbysoft.com          |  www.FreeBSD.org