原因是/etc/postfix/main.cf裏面沒有配置smtpd_tls_CAfile。
smtpd_tls_CAfile指向https證書的ca-bundle文件,這個文件不能少。
smtpd_tls_cert_file = /xxx/purasbar.com.crt
smtpd_tls_key_file = /xxx/purasbar.com.key
smtpd_tls_CAfile = /xxx/purasbar.com.ca-bundle
作者共发了4篇帖子。
侃吧找回密碼發不出去郵件的問題已經解決了
 |
|
|
缺少ca-bundle文件的話,ssl證書就會驗證不通過,報下面的20和21錯誤。
$ echo QUIT | openssl s_client -crlf -starttls smtp -CAfile /home/oct1158/certificate/cacert-2024-03-11.pem -connect mail.purasbar.com:25 CONNECTED(00000003) depth=0 CN = *.purasbar.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 CN = *.purasbar.com verify error:num=21:unable to verify the first certificate verify return:1 depth=0 CN = *.purasbar.com verify return:1 |
|
openssl的報錯信息:
Warning: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /xxxx/class.smtp.php on line 281 Sending mail failed: SMTP connect() failed. |
|
