Paul's Programming Notes     Archive     Feed     Github

Sendmail/STARTTLS verify=FAIL

Oct 19 14:04:34 Billing sm-mta[17583]: STARTTLS=client,, version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-RC4-SHA, bits=128/128

If you see those errors in your mail.log and your emails are failing to send, you need to add your ssl cert from apache to the sendmail config in /etc/mail/
# CA directory
O CACertPath=/etc/apache2/ssl
# CA file
O CACertFile=/etc/apache2/ssl/
# Server Cert
O ServerCertFile=/etc/apache2/ssl/example.cert
# Server private key
O ServerKeyFile=/etc/apache2/ssl/example.key