SMTP issue with SSL/TLS

Hello

I am unable to send email using 587 or 465 ports, and getting this error on smtp server end.

TLS library problem: 22866:error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:s3_pkt.c:1493:SSL alert number 48:

Here is my /etc/z-push/imap.conf.php settings

define('IMAP_SMTP_METHOD', 'smtp');
global $imap_smtp_params;
$imap_smtp_params = array('host' => 'ssl://smtp.mydomain.net', 'port' => 465, 'auth' => true, 'username' => 'imap_username', 'password' => 'imap_password', 'verify_peer' =>
 false, 'verify_peer_name' => false, 'allow_self_signed' => true);

Would you please help me what is the exact issue and how I can solve this

hi,
look at the error:
" unknown ca"
Where ist the path to your certifiacte?
often you have to create a “full chain certifiacte” - certifiacte, CA-Chains Certifiactes, ca-sertificte - all in one file.

I am using Letsencrypt on my MailServer and If I do simply IMAP connection with SSL thats working perfect.

Then why z-push giving this error.

You mentioned (path to your certificate) where I need to define the certificate in z-push?

Hi,

I don’t exactly know know to configure z-push with imap, I only saw the issue.
You can check your correct chain here:
https://whatsmychaincert.com/
Which SMTP Relay do you use? Postfix ?
There you also have to add all things:
smtpd_tls_cert_file =
smtpd_tls_key_file =
smtpd_tls_CAfile =
smtpd_tls_dh1024_param_file = /etc/postfix/ssl/dhparams.pem

Is it working without ssl with port 25 only?

Here is my postfix configuration.

smtpd_tls_cert_file=/root/.acme.sh/mydomain.net/mydomain.net.cer
smtpd_tls_key_file=/root/.acme.sh/mydomain.net/mydomain.net.key
smtpd_tls_CAfile=/root/.acme.sh/mydomain.net/ca.cer
smtpd_tls_dh1024_param_file=/etc/postfix/dh1024.pem

Yes without SSL I can send email using 25

@umardraz said in SMTP issue with SSL/TLS:

ssl://smtp.mydomain.net

Though I don’t use IMAP myself I would suspect that you should not have the prefix ssl:// in front of the mail server name. The port number you specify is going to dictate if it is using SSL or not.

Well with this way imap not working