Issues with setting up SMTP

Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to troubleshoot the problem
I describe the steps on how to reproduce the issue

Hi people!

I’m currently trying to set up Passbolt CE on my Ubuntu 22.04 LTS Server. I managed to suffer through the installation, and managed to arrive at configuring SMTP upon the first login.

I will be real with you, I have just finished setting up Mailcow dockerized, as it’s my trusty little mail server. However, when I try to import its data into Passbolt, I get:

Email could not be sent: SMTP server did not accept the connection or trying to connect to non TLS SMTP server using TLS.
See trace

[220] mail.my.domain ESMTP Postcow
EHLO passbolt.my.domain
[250] mail.my.domain
[250] PIPELINING
[250] SIZE 104857600
[250] ETRN
[250] STARTTLS
[250] ENHANCEDSTATUSCODES
[250] 8BITMIME
[250] DSN
[250] CHUNKING
STARTTLS
[220] 2.0.0 Ready to start TLS

and that’s about it. I made triple sure I use the correct port, username and password, I also tried turning off TLS, using different ports, etc. On Mailcow, I am able to see the connection in logs:

08/30/2023, 04:24:31 PM warning warning: TLS library problem: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:…/ssl/record/rec_layer_s3.c:1543:SSL alert number 48:

Now, what is interesting is that both of these are running with the same wildcard certificate, imported directly into them (no reverse proxies included).

Upon reading the alert I have decided to try and import the CA certificate into the trusted Linux store, but while I succeeded, it didn’t change anything.

Mailcow and Passbolt are on separate hosts, and Mailcow is only reachable on my local network (because of the DNS FQDN name being only on my domain controller). I checked if it is working properly using

openssl s_client -connect mail.my.domain:587 -starttls smtp

and what do you know, everything is fine, even when trying EHLO:

EHLO "i am here"
250-mail.my.domain
250-PIPELINING
250-SIZE 104857600
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 CHUNKING

I’m including lines that I added to my docker-compose.yml (following some tutorial, maybe even from this forum) - maybe that can shine some light on the certificates.

dovecot-mailcow:
    volumes:
        - /opt/mailcow-dockerized/ssl/fullchain.crt:/etc/ssl/mail/cert.pem:ro
        - /opt/mailcow-dockerized/ssl/my.domain.key:/etc/ssl/mail/key.pem:ro
postfix-mailcow:
    volumes:
        - /opt/mailcow-dockerized/ssl/fullchain.crt:/etc/ssl/mail/cert.pem:ro
        - /opt/mailcow-dockerized/ssl/my.domain.key:/etc/ssl/mail/key.pem:ro
nginx-mailcow:
    volumes:
        - /opt/mailcow-dockerized/ssl/fullchain.crt:/etc/ssl/mail/cert.pem:ro
        - /opt/mailcow-dockerized/ssl/my.domain.key:/etc/ssl/mail/key.pem:ro

and lastly, the screenshot:

Note: obviously I swapped out my domain name for my.domain at every occurrence.

Any idea would be awesome as I’m out of ideas, the only thing that comes to my mind is the wildcard being an issue (and yes, the certificates are good and tested). Help plz!
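
An added example, not part of the original post and not Passbolt or Mailcow code: decoding the OpenSSL error code in the Mailcow log line quoted above shows which side of the connection raised the TLS alert. It assumes the OpenSSL 1.0/1.1 packed error format (library, function, reason), which an eight-hex-digit code followed by a function name matches; the helper names are hypothetical.

```python
import re

# Constructed sample: the Mailcow log line quoted in the post (path elided as posted).
SAMPLE = ("warning: TLS library problem: error:14094418:SSL routines:"
          "ssl3_read_bytes:tlsv1 alert unknown ca:…/ssl/record/rec_layer_s3.c:1543:"
          "SSL alert number 48:")

# Certificate-related TLS alert descriptions (RFC 5246 / RFC 8446).
CERT_ALERTS = {42: "bad_certificate", 43: "unsupported_certificate",
               44: "certificate_revoked", 45: "certificate_expired",
               46: "certificate_unknown", 48: "unknown_ca"}

ERR_LIB_SSL = 20             # OpenSSL library number for libssl
SSL_AD_REASON_OFFSET = 1000  # reason = 1000 + alert number for alerts received from the peer

ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):([^:]*):")

def decode_openssl_error(line):
    """Split an OpenSSL 1.0/1.1 packed error code into library, function and reason."""
    m = ERR_RE.search(line)
    if not m:
        return None
    code = int(m.group(1), 16)
    info = {"lib": code >> 24, "func": (code >> 12) & 0xFFF, "reason": code & 0xFFF,
            "func_name": m.group(3), "reason_text": m.group(4),
            "alert": None, "alert_name": None, "sent_by": None}
    # libssl reasons 1000..1255 mean "the peer sent us this alert".
    offset = info["reason"] - SSL_AD_REASON_OFFSET
    if info["lib"] == ERR_LIB_SSL and 0 <= offset < 256:
        info.update(alert=offset, alert_name=CERT_ALERTS.get(offset, "other"),
                    sent_by="peer")
    return info

def explain(line):
    """One-line reading of the log entry from the logging host's point of view."""
    d = decode_openssl_error(line)
    if d is None:
        return "no OpenSSL error code found"
    if d["sent_by"] == "peer" and d["alert"] in CERT_ALERTS:
        return (f"peer sent alert {d['alert']} ({d['alert_name']}): the peer rejected "
                "the certificate chain presented by the host that wrote this log line")
    if d["sent_by"] == "peer":
        return f"peer sent alert {d['alert']} (not certificate-related)"
    return f"local libssl error, reason {d['reason']} ({d['reason_text']})"

if __name__ == "__main__":
    print(explain(SAMPLE))
```

Reason 1048 is 1000 plus alert 48, so the alert was received by Postfix, meaning the connecting client sent it after failing to verify the chain the server presented. `openssl s_client` continues past a verification failure unless `-verify_return_error` is given, so a completed session there does not show that the chain verified; the `Verify return code` line in its output does.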