Issue:
HTTP SSL logins are working correctly. SSL logins via SMTP are not.
My keyfile.kyr is not the default name. e.g. (mykeyfile.kyr)
Server is Domino 6.5.2 running on Redhat Linux.
Troubleshooting Steps:
1. Checked SMTP ports and verified they were enabled in server document.
2. In configuration document for server, checked the advanced STMP/Router settings - STARTTLS setting which is the SSL enablement over TCP/IP.
3. Checked the Internet Site Incoming SMTP docs that SSL allowed both name/password and anonymous. Checked that keyfile was specified correctly.
(keyfile is in data folder. tried both mykeyfile.kyr and local/notesdata/mykeyfile.kyr full path unsuccessfully)
4. Checked file permissions and verified that all users could at least read the files (kyr and sth).
5. Added SSL_TRACE_KEYFILEREAD=1 to server's configuration ini settings.
Once this was enabled, the issue was reported as: the password for keyfile.kyr is incorrect.
This log line was not correct, the server does not have a keyfile.kyr. The SSL key file names have another prefix (e.g. acme.kyr and acme.sth).
After rechecking the SMTP Internet Sites docs and seeing that none contained keyfile.kyr, I then proceeded to make copies of the originals using keyfile.kyr and keyfile.sth as the filenames.
After telling the router and SMTP to update their config docs, the incoming SMTP servers connected successfully. Evidently there is a bug in Domino that the SMTP server wants keyfile.kyr regardless of what is actually specified.
previous page
|