• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Issue How to require TLS 1.2 in postfix but still use roundcube? (centos7)

HostaHost

Regular Pleskian
Hello, I'm running into an issue with 17.5.3 when attempting to force TLS 1.2-only, which PCI requires in June. If Postfix is set to TLS 1.2 exclusively, roundcube can no longer send email:

Apr 5 01:48:07 server postfix/smtpd[6952]: warning: TLS library problem: 6952:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:

Dovecot is set the same way but it doesn't appear to have the issue there, it's limited to the outbound side. The /usr/share/psa-roundcube/config/defaults.inc.php is set to tls://localhost and the failure occurs whether certificate verification is on or off, leading me to believe it's trying TLS 1.0 first and failing.
 
Back
Top