I have a mail server at host.effortlessis.com set up with LetsEncrypt certificates. Whenever I turn on the smtps test, I get a status RED from xymon with the error message:
Service smtps on host.effortlessis.com is not OK : Service listening but unavailable (SSL error)
Any idea how to resolve this?
Some config details that might help:
xymon-4.3.30 on CentOS Linux release 7.9.2009 (Core) No issues with smtp test.
hosts.cfg 51.68.205.149 host.effortlessis.com # smtp smtps conn imaps sni https:// host.effortlessis.com
server/etc/protocols.cfg [smtps] send "ehlo xymonnet\r\nquit\r\n" expect "220" options ssl,banner port 465
The SSL certificate passes fine if I check it manually. (monitor is the name of the xymon host and I am running this test as the xymon daemon user)
[xymon at monitor ~]$ echo "quit" | openssl s_client -starttls smtp -connect host.effortlessis.com:465 > /dev/null depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = R3 verify return:1 depth=0 CN = host.effortlessis.com verify return:1 250 SMTPUTF8 DONE