#1 2018-03-22 21:17:35

zarthan
Member
Registered: 2018-02-25
Posts: 15

No email generated

I am testing 2 servers. Using the same script on each server, one sends an email the other does not. The one that sends includes the Gmail TLS session ticket etc. The one that doesn't send shows the following.

Using stored SMTP server info...
Found conf/smtpsrvs file...
2018-03-22T20:50:11|  Opening port 587 for SMTPout-587 service...
CONNECTED(00000003)
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 305 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1521751835
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)
---
Firewall rule SMTPout-587 closed.
Backup finished

Both servers are in the same network, different vlans, and both can reach smtp.gmail.com. Anyone have any ideas.

Thanks

Offline

#2 2018-03-23 11:46:00

admin
Administrator
Registered: 2017-04-21
Posts: 1,367

Re: No email generated

You have a definitive message

no peer certificate available

Have you assigned a hostname?
does it make sense in terms of being resolvable?
OpenSSL is not presenting a certificate, maybe it can't for some reason.

https://stackoverflow.com/questions/244 … ertificate

Offline

#3 2018-03-23 15:23:43

zarthan
Member
Registered: 2018-02-25
Posts: 15

Re: No email generated

The esxi machine has a hostname. If I open the port and run
openssl s_client -connect smtp.gmail.com:587 -servername smtp.gmail.com
it responds the same way, so I assume is on my side. I just don't know what is wrong and how to solve it. I do believe you are correct that openssl isn't presenting a certificate but which certificate. The contents of the /etc/vmware/ssl directories show the same content so I don't think there is anything missing, but one of them could be broken.

Offline

#4 2018-03-23 17:18:59

admin
Administrator
Registered: 2017-04-21
Posts: 1,367

Re: No email generated

Follow the white rabbit called no peer certificate available, use a different e-mail server, use your own local SMTP without authentication, use a different e-mail server without SSL, reinstall ESXi...

You have multiple possible ways to fix or work your problem around.

Offline

#5 2018-03-23 17:26:44

zarthan
Member
Registered: 2018-02-25
Posts: 15

Re: No email generated

I  have been going through those things. Just wondered if someone had seen the issue and found the answer. Since the same script works with one ESXi host and not the other and both use the same firewall rules, there is most likely a difference at the ESXi level. I will post back when I solved it.

Offline

#6 2018-03-24 20:50:25

zarthan
Member
Registered: 2018-02-25
Posts: 15

Re: No email generated

Just to update this post for future reference. In the end, it was just the SMTP port. I had created the scripts and copied the scripts and config files to both servers. This is my home lab and some time elapsed between deploying the script on the first server and the second. I am used to using port 587 rather than the less common 465. I had obviously changed the SMTP port on the first server. Since so much time had elapsed, I didn't think about the port change. Anyway, Gmail port 465 a must.

Offline

Board footer