Originally posted by: aixunix33
I have a problem.
On my other linux and unix server(solaris and hp-ux)
sendmail works fine with a postfix server,wich accept only
tls connections.
I have set sendmail on aix like this
divert(0)dnl
VERSIONID(`Mustafar')
OSTYPE(aixsample)dnl
DOMAIN(generic)dnl
FEATURE(genericstable)dnl
FEATURE(mailertable)dnl
FEATURE(virtusertable)dnl
FEATURE(domaintable)dnl
FEATURE(allmasquerade)dnl
FEATURE(accept_unresolvable_domains)dnl
FEATURE(accept_unqualified_senders)dnl
FEATURE(always_add_domain)dnl
FEATURE(no_default_msa)
FEATURE(access_db)dnl
define(`confSMTP_LOGIN_MSG', `$j Sendmail $b')
MAILER(smtp)dnl
MAILER(uucp)dnl
TRUST_AUTH_MECH(`GSSAPI DIGEST-MD5')dnl
MAILER(local)dnl
define(`_X400_UUCP_')dnl
define(`_MASQUERADE_ENVELOPE_')dnl
define(`MASQUERADE_NAME')dnl
define(`confTRY_NULL_MX_LIST',`T')dnl
define(`LUSER_RELAY',`name_of_luser_relay')dnl
define(`DATABASE_MAP_TYPE',`dbm')dnl
define(`_CLASS_U_')dnl
define(`LOCAL_RELAY')dnl
define(`MAIL_HUB')dnl
define(`SMART_HOST', `posta.server.coml')
define(`confCACERT_PATH', `/etc/mail/certs')dnl
define(`confCACERT', `/etc/mail/certs/server.com.crt')dnl
define(`confSERVER_CERT', `/etc/mail/certs/ibmunix.server.com.crt')dnl
define(`confSERVER_KEY', `/etc/mail/certs/ibmunix.server.com.key')dnl
define(`confCLIENT_CERT', `/etc/mail/certs/ibmunix.server.com.crt')dnl
define(`confCLIENT_KEY', `/etc/mail/certs/ibmunix.server.coml.key')dnl
define(`confRAND_FILE',`egd:/dev/urandom')dnl
define(`confTLS_VERSION', `TLSv1')dnl
define(`confCIPHER', `DHE-RSA-CAMELLIA256-SHA')dnl
But when i send email give me this errror
250 DSN
>>> STARTTLS
220 2.0.0 Ready to start TLS
user@server.com... Deferred: 403 4.7.0 TLS handshake failed.
and on log i see
STARTTLS=client: 11206804:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:602:
My goal is to enable tls and disable if possible sslv3.
Where i fail?
Thanks