[Xymon] smtps checks seem to always fail
Lists
lists at benjamindsmith.com
Tue Jun 15 20:44:19 CEST 2021
I have a mail server at host.effortlessis.com set up with LetsEncrypt
certificates. Whenever I turn on the smtps test, I get a status RED from xymon
with the error message:
Service smtps on host.effortlessis.com is not OK : Service listening but
unavailable (SSL error)
Any idea how to resolve this?
Some config details that might help:
xymon-4.3.30 on CentOS Linux release 7.9.2009 (Core)
No issues with smtp test.
hosts.cfg
51.68.205.149 host.effortlessis.com # smtp smtps conn imaps sni https://
host.effortlessis.com
server/etc/protocols.cfg
[smtps]
send "ehlo xymonnet\r\nquit\r\n"
expect "220"
options ssl,banner
port 465
The SSL certificate passes fine if I check it manually. (monitor is the name of
the xymon host and I am running this test as the xymon daemon user)
[xymon at monitor ~]$ echo "quit" | openssl s_client -starttls smtp -connect
host.effortlessis.com:465 > /dev/null
depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = host.effortlessis.com
verify return:1
250 SMTPUTF8
DONE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20210615/8306805b/attachment.sig>
More information about the Xymon
mailing list