dovecot - May 2020 - SSL Error

I just installed a certificate on my mail server to Postfix and Dovecot. 
The certificate is functional on Postfix, but for some reason I keep 
getting this error. Any suggestions on how to fix it?

mail dovecot: imap-login: Error: SSL: Stacked error: error:1408A10B:SSL 
routines:ssl3_get_client_hello:wrong version number


Here is my configuration:

# 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.13 (7b14904)
# OS: Linux 4.4.0-45-generic x86_64 Ubuntu 16.04.6 LTS ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain cram-md5 login
auth_verbose = yes
auth_verbose_passwords = plain
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
mail_debug = yes
mail_gid = 5000
mail_location = maildir:/home/vmail/%d/%n
mail_plugins = quota
mail_uid = 5000
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
 ? inbox = yes
 ? location  ? mailbox Drafts {
 ??? auto = subscribe
 ??? special_use = \Drafts
 ? }
 ? mailbox Junk {
 ??? auto = subscribe
 ??? special_use = \Junk
 ? }
 ? mailbox Sent {
 ??? auto = subscribe
 ??? special_use = \Sent
 ? }
 ? mailbox "Sent Messages" {
 ??? special_use = \Sent
 ? }
 ? mailbox Trash {
 ??? auto = subscribe
 ??? special_use = \Trash
 ? }
 ? prefix }
passdb {
 ? args = /etc/dovecot/dovecot-sql.conf.ext
 ? driver = sql
}
plugin {
 ? quota_rule = *:storage=5G
 ? sieve = /etc/dovecot/sieve/default.sieve
 ? sieve_default = /var/lib/dovecot/sieve/default.sieve
 ? sieve_dir = ~/sieve
}
postmaster_address = postmaster at example.com
protocols = " imap sieve pop3"
service auth {
 ? unix_listener /var/spool/postfix/private/auth {
 ??? group = postfix
 ??? mode = 0666
 ??? user = postfix
 ? }
}
ssl_cert = </etc/ssl/certs/example.pem
ssl_key = </etc/ssl/private/example.key
userdb {
 ? args = uid=5000 gid=5000 home=/home/vmail/%d/%n
 ? driver = static
}
verbose_ssl = yes
protocol lda {
 ? mail_plugins = quota sieve
}
protocol imap {
 ? mail_plugins = quota imap_quota
}

> On 15/05/2020 02:36 Brandon Roa <brandon at bitlagoon.com> wrote:
> 
>  
> I just installed a certificate on my mail server to Postfix and Dovecot. 
> The certificate is functional on Postfix, but for some reason I keep 
> getting this error. Any suggestions on how to fix it?
> 
> mail dovecot: imap-login: Error: SSL: Stacked error: error:1408A10B:SSL 
> routines:ssl3_get_client_hello:wrong version number
> 
> 
> Here is my configuration:
> 
> # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.13 (7b14904)
> # OS: Linux 4.4.0-45-generic x86_64 Ubuntu 16.04.6 LTS ext4
This is very dated version of dovecot, you might want to consider using e.g.
https://repo.dovecot.org for new version. This is not necessarely the cause
here.

For the SSL error, can you describe more on what are you doing when you get the
error? It looks a lot like trying plaintext connection to SSL port.

Aki

Oops, on second glance I don't think that error is actually directly 
related to what I was doing.

I had been testing to see if the certificate chain was installed 
properly by running

openssl s_client -connect mail.example.com:143

But there was no certificate reported in stdout. I thought that error 
was related to my test command, but I realize now it's not. I'm still 
confused, though, because I followed all the steps for installing 
configuring SSL (https://wiki.dovecot.org/SSL/DovecotConfiguration) and 
it just doesn't seem to have worked.

On 5/14/2020 9:38 PM, Aki Tuomi wrote:
>> On 15/05/2020 02:36 Brandon Roa <brandon at bitlagoon.com> wrote:
>>
>>   
>> I just installed a certificate on my mail server to Postfix and
Dovecot.
>> The certificate is functional on Postfix, but for some reason I keep
>> getting this error. Any suggestions on how to fix it?
>>
>> mail dovecot: imap-login: Error: SSL: Stacked error: error:1408A10B:SSL
>> routines:ssl3_get_client_hello:wrong version number
>>
>>
>> Here is my configuration:
>>
>> # 2.2.22 (fe789d2): /etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.13 (7b14904)
>> # OS: Linux 4.4.0-45-generic x86_64 Ubuntu 16.04.6 LTS ext4
> This is very dated version of dovecot, you might want to consider using
e.g. https://repo.dovecot.org for new version. This is not necessarely the cause
here.
>
> For the SSL error, can you describe more on what are you doing when you get
the error? It looks a lot like trying plaintext connection to SSL port.
>
> Aki