[JAMES-2631] TLS 1.2 problems with Certificate Request - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 3.0.1
Fix Version/s: None
Component/s: None
Labels:
None

Description

We are using james 3.0.1 configured to use TLS in remote deliveries. The sending of emails over TLS is working fine but we have problems sending emails to a particular server which performs a "Certificate Request". When this happens, in a tcpdump capture I can see that, James returns an error Alert (Level: Fatal, Description: Certificate Unknown).

The certificate used by the remote server is issued by a well know CA. In the picture server_request.png you can see as the remote server requests a "Certificate request" to the client (in this case to James).

In the file james_reponse.png you can see how James sends a Fatal alert.

I have been looking into the documentation but I haven't found the way to specify a keystore in the mailetcontainer.xml. Is this possible? Anyone knows how to fix this?

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

server_request.png
13/Dec/18 11:00
68 kB
Arnau Rebassa
james_response.png
13/Dec/18 11:00
46 kB
Arnau Rebassa

Issue Links

relates to

JAMES-3206 Keystore Exception when running the "Basic" Server

Resolved

JAMES-3209 Auth Module to make James usable with Nginx mail proxy for TLS termination

Closed

JAMES-2969 RemoteDelivery should be tested against startTls/ssl

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Arnau Rebassa

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 13/Dec/18 11:01

Updated:: 04/Sep/21 04:28

Resolved:: 04/Sep/21 04:28