Excellent, thank you again.

The openssl command I have tried (that used to work with Dovecot 2.2) is:
    openssl s_client -connect mail.privustech.com:143
I have also tried
    openssl s_client -connect mail.privustech.com:143 -servername mail.privustech.com
I've posted the full output from this to https://pastebin.com/eUSarQdx

I've posted the full output from dovecot -n to https://pastebin.com/F8RaC4bt

Thank you again, Andy

On Sat, 2018-12-15 at 17:27 +0100, Alexander Dalloz wrote:
> On 15.12.2018 at 17:16, C. Andrews Lavarre wrote:
> > to /etc/apparmor.d/local/usr.lib.dovecot.imap-login but still
> > cannot login with either the mail client or with explicit openssl:
> > it complains
> > error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
> Hi,
>
> that error above typically means to connect with SSL to STARTTLS or
> vice versa.
>
> Please provide the complete command you issue using "openssl s_client"
> together with the corresponding dovecot logging. As well the output of
> "doveconf -n" would be useful to help you further.
>
> Alexander

The output of /var/log/mail for this login attempt is at https://pastebin.com/R1Bjkjm3

Thanks again.

On Sat, 2018-12-15 at 13:02 -0500, C. Andrews Lavarre wrote:
> Excellent, thank you again.
>
> The openssl command I have tried (that used to work with Dovecot 2.2) is:
>     openssl s_client -connect mail.privustech.com:143
> I have also tried
>     openssl s_client -connect mail.privustech.com:143 -servername mail.privustech.com
> I've posted the full output from this to https://pastebin.com/eUSarQdx
>
> I've posted the full output from dovecot -n to https://pastebin.com/F8RaC4bt
>
> Thank you again, Andy
>
> On Sat, 2018-12-15 at 17:27 +0100, Alexander Dalloz wrote:
> > On 15.12.2018 at 17:16, C. Andrews Lavarre wrote:
> > > to /etc/apparmor.d/local/usr.lib.dovecot.imap-login but still
> > > cannot login with either the mail client or with explicit
> > > openssl: it complains
> > > error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
> > Hi,
> >
> > that error above typically means to connect with SSL to STARTTLS or
> > vice versa.
> >
> > Please provide the complete command you issue using "openssl s_client"
> > together with the corresponding dovecot logging. As well the output of
> > "doveconf -n" would be useful to help you further.
> >
> > Alexander

That command is missing -starttls imap? or are you using port 993?

> On 15 December 2018 at 20:02 "C. Andrews Lavarre" <alavarre@gmail.com> wrote:
>
> Excellent, thank you again.
> The openssl command I have tried (that used to work with Dovecot 2.2) is:
>     openssl s_client -connect mail.privustech.com:143
> I have also tried
>     openssl s_client -connect mail.privustech.com:143 -servername mail.privustech.com
> I've posted the full output from this to https://pastebin.com/eUSarQdx
>
> I've posted the full output from dovecot -n to https://pastebin.com/F8RaC4bt
>
> Thank you again, Andy
> On Sat, 2018-12-15 at 17:27 +0100, Alexander Dalloz wrote:
> > On 15.12.2018 at 17:16, C. Andrews Lavarre wrote:
> > > to /etc/apparmor.d/local/usr.lib.dovecot.imap-login but still
> > > cannot login with either the mail client or with explicit openssl:
> > > it complains
> > > error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:794:
> > Hi,
> >
> > that error above typically means to connect with SSL to STARTTLS or
> > vice versa.
> >
> > Please provide the complete command you issue using "openssl s_client"
> > together with the corresponding dovecot logging. As well the output of
> > "doveconf -n" would be useful to help you further.
> >
> > Alexander

---
Aki Tuomi

On 15.12.2018 at 19:02, C. Andrews Lavarre wrote:
> The openssl command I have tried (that used to work with Dovecot 2.2) is:
>     openssl s_client -connect mail.privustech.com:143
> I have also tried
>     openssl s_client -connect mail.privustech.com:143 -servername mail.privustech.com

Please, there is zero need to mail me personally. Keep your replies to the list. I am following here as you can see.

And to your command: it is wrong. As I guessed you are talking with SSL to the IMAP STARTTLS port. That of course cannot work. SSL here means directly doing a secure handshaking, just like HTTPS is working. The default port for IMAPS is 993, not 143. If you test against IMAP/STARTTLS on port 143, then do with

    openssl s_client -connect mail.privustech.com:143 -starttls imap

As your "doveconf -n" does not show any special setup regarding IMAPS or IMAP/STARTTLS the case is as analyzed.

Alexander

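The mismatch described in the message above, as an added example that is not part of the original post: on a STARTTLS port the server speaks first with a plaintext IMAP greeting, and a TLS client then tries to parse those bytes as a TLS record. The loopback listener, its greeting text and all function names are constructed for illustration.

```python
import socket
import threading

TLS_CONTENT_TYPES = {20, 21, 22, 23}  # change_cipher_spec, alert, handshake, app data

def looks_like_tls_record(data: bytes) -> bool:
    """True if data starts like a TLS record header: content type, then major version 3."""
    return len(data) >= 3 and data[0] in TLS_CONTENT_TYPES and data[1] == 3

def classify(first) -> str:
    """first: bytes the server sent before the client spoke, or None if it stayed silent."""
    if first is None:
        return "implicit-tls-likely"   # server waits for a ClientHello (IMAPS, default 993)
    if first.startswith(b"* OK"):
        return "plaintext-imap"        # STARTTLS port: test with -starttls imap
    return "other"

def probe(host: str, port: int, timeout: float = 1.0) -> str:
    """Connect, send nothing, and classify whatever the server says first."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            first = s.recv(256)
        except socket.timeout:
            first = None
    return classify(first)

def demo_server(greeting: bytes) -> int:
    """Constructed loopback listener: sends `greeting` (may be empty) to one client."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        if greeting:
            conn.sendall(greeting)
        threading.Event().wait(1.0)    # keep the connection open briefly
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    greeting = b"* OK [CAPABILITY IMAP4rev1 STARTTLS] Dovecot ready.\r\n"  # constructed
    print(probe("127.0.0.1", demo_server(greeting)))          # plaintext-imap
    print(probe("127.0.0.1", demo_server(b""), timeout=0.3))  # implicit-tls-likely
    print(looks_like_tls_record(greeting))                     # False: 0x2a is no TLS type
```
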
On 15.12.2018 at 19:43, Aki Tuomi wrote:
>> I've posted the full output from dovecot -n to https://pastebin.com/F8RaC4bt

You again broke your setup. From your pastebin:

    ssl_cert = /etc/certbot/live/privustech.com/fullchain.pem

That's missing the "<" in front of the path to the certificate file. Probably the same mistake for the ssl_key parameter.

Alexander
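A check for the configuration mistake pointed out above, added here as an example and not part of the original message or of Dovecot: it scans `doveconf -n` style text for `ssl_cert` / `ssl_key` values that are a bare path. The sample config is constructed around the one line quoted from the pastebin, and the function name and verdict labels are hypothetical.

```python
import re

# Only the two settings named in the thread are checked.
SETTING = re.compile(r"^\s*(ssl_cert|ssl_key)\s*=\s*(.*)$")

def lint_ssl_settings(config_text: str):
    """Return (line_no, setting, verdict) for each ssl_cert / ssl_key line."""
    findings = []
    for no, line in enumerate(config_text.splitlines(), 1):
        m = SETTING.match(line)
        if not m:
            continue
        name = m.group(1)
        value = m.group(2).split("#", 1)[0].strip()   # drop a trailing comment
        if value.startswith("<"):
            verdict = "file"             # "<path": the value is read from that file
        elif value.startswith("-----BEGIN"):
            verdict = "inline-pem"       # PEM text given directly as the value
        elif not value:
            verdict = "hidden-or-empty"  # doveconf -n normally hides ssl_key
        else:
            verdict = "missing-lt"       # bare path: taken as the value itself, not read
        findings.append((no, name, verdict))
    return findings

# Constructed sample; the ssl_cert line is the one quoted in the message above.
SAMPLE = """\
protocols = imap
ssl = required
ssl_cert = /etc/certbot/live/privustech.com/fullchain.pem
ssl_key = # hidden, use -P to show it
"""
FIXED = SAMPLE.replace("ssl_cert = /", "ssl_cert = </")

if __name__ == "__main__":
    for finding in lint_ssl_settings(SAMPLE) + lint_ssl_settings(FIXED):
        print(finding)
```
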