
Solved Connecting to SMTP using TLS/SSL from Jail

CyberCr33p


#1
I run PHP-FPM inside a FreeBSD jail and Postfix on the host. I have a PHP script to send e-mails, which works if I have TLS or SSL disabled, but it doesn't work if I enable either of them. The jail has access to /dev/random.

Code:
Mar  3 15:12:28 server1 postfix/smtpd[83711]: connect from server1.mydomain.com[138.201.248.xxx]
Mar  3 15:12:28 server1 postfix/smtpd[83711]: SSL_accept error from server1.mydomain.com[138.201.248.xxx]: 0
Mar  3 15:12:28 server1 postfix/smtpd[83711]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:s3_pkt.c:1500:SSL alert number 48:
Mar  3 15:12:28 server1 postfix/smtpd[83711]: lost connection after STARTTLS from server1.mydomain.com[138.201.248.xxx]
Mar  3 15:12:28 server1 postfix/smtpd[83711]: disconnect from server1.mydomain.com[138.201.248.xxx] ehlo=1 starttls=0/1 commands=1/2
If I run PHP-FPM from the FreeBSD host then it works.

Any idea what is wrong?
 

CyberCr33p


#2
In the end, it was not related to the jail.

I found the solution. On the host I had these files:

Code:
ls -la /usr/local/openssl/certs
total 12
drwxr-xr-x  2 root  wheel   512 Sep 20 16:30 .
drwxr-xr-x  5 root  wheel   512 Feb 19 22:55 ..
lrwxr-xr-x  1 root  wheel    21 Sep 20 16:30 80ecc636.0 -> rapidssl_wildcard.crt
-rw-r--r--  1 root  wheel  1555 Sep 20 16:26 rapidssl_wildcard.crt
I had to copy these files from the host:

Code:
cp /usr/local/openssl/certs/*
to the jail:

Code:
/home/jail/php56//usr/local/openssl/certs/
And everything is ok now.
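
Added example, not part of the original posts: a Python sketch that decodes the Postfix warning from post #1. OpenSSL appends "SSL alert number N" only for alerts read from the peer, so alert 48 (unknown_ca) was sent by the PHP client, which could not find the issuing CA in its own certificate directory. The function names are hypothetical, and mapping `smtpd` to "the remote end is the client" is an assumption about which Postfix daemon logged the line.

```python
import re

# TLS alert codes tied to certificate validation (RFC 5246, section 7.2).
CERT_ALERTS = {42: "bad_certificate", 43: "unsupported_certificate",
               44: "certificate_revoked", 45: "certificate_expired",
               46: "certificate_unknown", 48: "unknown_ca"}

# Postfix warning that wraps one OpenSSL error-queue entry.
TLS_PROBLEM = re.compile(
    r"postfix/(?P<daemon>\w+)\[\d+\]: warning: TLS library problem: "
    r"error:[0-9A-Fa-f]+:SSL routines:(?P<func>\w+):(?P<reason>[^:]+):"
    r"[^:]+:\d+:(?:SSL alert number (?P<alert>\d+):)?")

# Log lines copied from post #1 (addresses already redacted there).
SAMPLE_LOG = """\
Mar  3 15:12:28 server1 postfix/smtpd[83711]: SSL_accept error from server1.mydomain.com[138.201.248.xxx]: 0
Mar  3 15:12:28 server1 postfix/smtpd[83711]: warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:s3_pkt.c:1500:SSL alert number 48:
Mar  3 15:12:28 server1 postfix/smtpd[83711]: lost connection after STARTTLS from server1.mydomain.com[138.201.248.xxx]
"""

def diagnose(line):
    """Return a dict describing a received TLS alert, or None."""
    m = TLS_PROBLEM.search(line)
    if m is None or m.group("alert") is None:
        return None  # not a TLS warning, or a locally generated error
    alert = int(m.group("alert"))
    name = CERT_ALERTS.get(alert, "alert_%d" % alert)
    # The alert was read from the wire, so the remote end of this daemon's
    # connection raised it. Assumption: smtpd is the server, smtp the client.
    remote = "client" if m.group("daemon") == "smtpd" else "server"
    if name == "unknown_ca":
        hint = "the %s has no trusted CA for the peer certificate" % remote
    else:
        hint = "the %s reported %s" % (remote, name)
    return {"daemon": m.group("daemon"), "alert": alert, "name": name,
            "sent_by": remote, "hint": hint}

def scan(log_text):
    """Diagnose every matching line in a block of log text."""
    return [d for d in map(diagnose, log_text.splitlines()) if d]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```
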
 