Facebook
TwitterHello, I'm running into an issue with 17.5.3 when attempting to force TLS 1.2-only, which PCI requires in June. If Postfix is set to TLS 1.2 exclusively, roundcube can no longer send email:
Apr 5 01:48:07 server postfix/smtpd[6952]: warning: TLS library problem: 6952:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:
Dovecot is set the same way but it doesn't appear to have the issue there, it's limited to the outbound side. The /usr/share/psa-roundcube/config/defaults.inc.php is set to tls://localhost and the failure occurs whether certificate verification is on or off, leading me to believe it's trying TLS 1.0 first and failing.
Apr 5 01:48:07 server postfix/smtpd[6952]: warning: TLS library problem: 6952:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:
Dovecot is set the same way but it doesn't appear to have the issue there, it's limited to the outbound side. The /usr/share/psa-roundcube/config/defaults.inc.php is set to tls://localhost and the failure occurs whether certificate verification is on or off, leading me to believe it's trying TLS 1.0 first and failing.
