Kyle Wheeler wrote:
On Friday, May 18 at 03:46 PM, quoth Alex Kirk:
Even easier:
openssl s_client -starttls smtp -connect localhost:25
If that takes longer than a second to connect, we've found our culprit.
~Kyle
Nope. Took maybe a half-second before I got "CONNECTED(00000004)".
Sorry, I misspoke. It's not how long it takes to get connected, it's
how long it takes to see the greeting. The greeting will look
something like this:
220 domain.com
~Kyle
Aha! That's definitely it!
Thank you so much for continuing to work with me on this. I *greatly*
appreciate it.
Meanwhile, for posterity's take, I got dh1024.pem and dh512.pem out of
/usr/src/lib/libssl/src/apps/ on my OpenBSD 3.8 system (you may not have
to generate them, just copy them from somewhere like I did).
I'm going to go look at the docs for the starttls patch, because it's
unlike me to have skipped a step like this. Hopefully either I was an
idiot when I installed the patch, or I can submit a doc patch to spare
other people this hassle in the future.
Alex Kirk
|