|
1 2 |
=================================== solution to certificate verification failed for smtp.gmail.com |
|
1 |
via update Equifax Secure Certificate Authority |
|
1 2 3 4 |
==================================== Error: in /var/log/mail.log May 28 12:39:10 services@iesensor.com postfix/smtp[10839]: Untrusted TLS connection established to smtp.gmail.com |
|
1 2 3 4 5 6 |
[209.85.143.109]:587: TLSv1 with cipher RC4-SHA (128/128 bits) certificate verification failed for smtp.gmail.com[209.85.143.109]:587: untrusted issuer /C=US/O=Equifax/OU=Equifax Secure Certificate Authority -------------------- No matter you Setup the Gmail certification using the any turial, |
|
1 2 3 4 5 6 7 |
just look up smtpd_tls_CAfile= in main.cf # there is no dash/undersocre between `CA` and `file` for : `CAfile` smtpd_tls_CAfile = /etc/postfix/cacert.pem https://www.geotrust.com/resources/root-certificates/index.html #Download the first Root CA 1; and use the DER version openssl x509 -inform der -in Equifax_Secure_Certificate_Authority_DER.cer |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 |
-out Equifax_Secure_Certificate_Authority.pem #also yo can test the certificate by typing at the command promt openssl verify Equifax_Secure_Certificate_Authority.pem #append this file content pem to the end of your file: cacert.pem sudo postfix reload test with your mail/script for example: =================================================== #!/usr/bin/python import smtplib sender = 'services@iesensor.com' receivers = ['services@iesensor.com'] message = """From: From Person <services@iesensor.com> To: To Person <services@iesensor.com> Subject: SMTP e-mail test from services@iesensor.com This is a test e-mail message from services@iesensor.com. """ try: smtpObj = smtplib.SMTP('localhost') smtpObj.sendmail(sender, receivers, message) print "Successfully sent email" except SMTPException: print "Error: unable to send email" ============================================== |
BSD documentation licensed Free for non-commercial usage only Author: Qingfeng XIA
copyright (C) 2011-2017
http://www.iesensor.com
please keep the original link in your reference.
http://www.iesensor.com/blog/2011/05/28/solution-to-certificate-verification-failed-for-smtp-gmail-com-via-update-equifax-secure-certificate-authority/
