• Dear Pleskians! The Plesk Forum will be undergoing scheduled maintenance on Monday, 7th of July, at 9:00 AM UTC. The expected maintenance window is 2 hours.
    Thank you in advance for your patience and understanding on the matter.

Issue How to require TLS 1.2 in postfix but still use roundcube? (centos7)

HostaHost

Regular Pleskian
Hello, I'm running into an issue with 17.5.3 when attempting to force TLS 1.2-only, which PCI requires in June. If Postfix is set to TLS 1.2 exclusively, roundcube can no longer send email:

Apr 5 01:48:07 server postfix/smtpd[6952]: warning: TLS library problem: 6952:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:

Dovecot is set the same way but it doesn't appear to have the issue there, it's limited to the outbound side. The /usr/share/psa-roundcube/config/defaults.inc.php is set to tls://localhost and the failure occurs whether certificate verification is on or off, leading me to believe it's trying TLS 1.0 first and failing.
 
Back
Top