Closed kiurzz closed 1 year ago
Is it possible you have chroot enabled? The README has a note that might be helpful.
Ok my bad, I havn't read those lines... Now I have this error:
"TokenStore::Refresh: http error: error setting certificate verify locations:#012 CAfile: /etc/ssl/certs/ca-certificates.crt#012 CApath: /etc/ssl/certs"
When I check in /var/spool/postfix/etc/ssl/certs there is no ca-certificates.crt or ca-certificates.crt#12 but there is:
The next section in the README covers that topic. :) If that doesn't help, I'll need more information. What distribution/release are you using? What version of sasl-xoauth2? Did you build it yourself or are you using prebuilt binaries?
I'm on Ubuntu 20.04 LTS, for sasl-xoauth2 last version on Linux Packages via apt
Do you have ca_bundle_file
or ca_certs_dir
specified in sasl-xoauth2.conf
? What's your TLS configuration in /etc/postfix/main.cf
?
I don't have "ca_certs_dir" specified. There is my configuration:
Your config file specifies smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
, so it's interesting that that file doesn't make it into /var/spool/postfix
. Can you verify that /etc/ssl/certs/ca-certificates.crt
exists?
Hello, the file exists in /etc/ssl/certs/ but not in /var/spool/postfix/etc/ssl/certs
Try coping it over manually?
Hello, I have the same problem. Here's the error message I get:
TokenStore::Refresh: http error: SSL certificate problem: unable to get local issuer certificate
In the directory /var/spool/postfix/etc/ssl/certs/ is the file ca-certificates.crt, copied from the folder /etc/ssl/certs/ In the configuration file /etc/saslxoauth2.conf the following parameter is defined: "ca_certs_dir": "/var/spool/postfix/etc/ssl/certs" I tried setting the parameter ca_bundle_file but the error is the same. Server has Debian GNU/Linux 10 (buster) installed
Thanks for your support.
Can you try unsetting ca_certs_dir
and setting ca_bundle_file
to /etc/ssl/certs/ca-certificates.crt
? Note that I purposefully left out /var/spool/postfix
from the path (because I suspect you have chroot enabled, and so the plugin will never see that part of the path). If that doesn't work please provide the same config-file snippets that I asked for above from @kiurzz.
Ok, right. My mistake. Thank you. This is the current content of the /etc/sasl-xoauth2.conf file
And it works correctly, I get the tokens and they refresh automatically, but, I can't send the mails anyway. I always get the same error. This is the postfix log:
How do I know what is failing? Thanks again.
There aren't any sasl-xoauth2 traces in that log snippet, which leads me to believe that either 1) Postfix isn't successfully loading sasl-xoauth2 (in which case I'd suggest reviewing the README), or 2) sasl-xoauth2 is logging to /var/log/syslog
but you sent me /var/log/mail.log
(in which case, check /var/log/syslog
).
My apologies. It is now working properly. The problem I had is that at the time of obtaining the initial token I was identifying myself in O365 with a different user than the one configured in postfix for sending emails. Thanks for your help and patience.
Happy to help, and I'm glad you figured it out!
Hello, I have this issue:
The file exist, I can read-it and there is the output of the sasl-xoauth2-test-config:
Thanks for your help ;)