We help IT Professionals succeed at work.
Get Started

SSL / Certificate issue for TLS setup

TheSonicGod
TheSonicGod asked
on
4 Comments
2 Solutions
3,776 Views
Last Modified: 2014-08-05
Hi Everyone,

I need your suggestions, I am trying to setup TLS for an exchange 2007 server and sonicwall ES3300 appliance and I have an error I do not understand.

I have configured the setup as recommended by MS support and Sonicwall support and I beleive that I have a certificate error now but I do not understand what the error is.

The error I am getting is: Cert NOT VALIDATED: unable to get local issuer certificate - So email is encrypted but the domain is not verified

I am checking the setup via http://checktls.com and everything passes except the cert test.

Thanks in advance for any of your suggestions or help.

TheSonicGod

here are the test results (BOLD on the error message):

Checking USER@mydomain.com
looking up MX hosts on domain " mydomain.com"
1.      mail. mydomain.com (preference:10)
Trying TLS on mail. mydomain.com[64.40.XXX.X] (10):
seconds            test stage and result
[000.098]            Connected to server
[000.176]      <--      220 mail.mydomain.com ESMTP mail.mydomain.com
[000.177]            We are allowed to connect
[000.177]      -->      EHLO checktls.com
[000.380]      <--      250-mail.mydomain.com
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-DSN
250-STARTTLS
250 SIZE 31457280
[000.381]            We can use this server
[000.381]            TLS is an option on this server
[000.381]      -->      STARTTLS
[000.472]      <--      220 2.2.0 Ready to start TLS
[000.473]            STARTTLS command works on this server
[000.675]      ssl      : new ctx 33617352
: start handshake
: ssl handshake not started
: set socket to non-blocking to enforce timeout=30
: Net::SSLeay::connect -> -1
: ssl handshake in progress
: waiting for fd to become ready: SSL wants a read first
: socket ready, retrying connect
: ok=0 cert=34553944
: ok=0 cert=34553944
: ok=0 cert=34553944
: Net::SSLeay::connect -> -1
: ssl handshake in progress
: waiting for fd to become ready: SSL wants a read first
: socket ready, retrying connect
: Net::SSLeay::connect -> 1
: ssl handshake done
[000.676]            Cipher in use: AES256-SHA
[000.676]            Connection converted to SSL
[000.677]            Cert Authority: /C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
[000.677]            Cert Owner: /O=mail.mydomain.com/OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=mail.mydomain.com
[000.710]      ssl       Certificate 1 of 3 in chain:
-----BEGIN CERTIFICATE-----
MIIERjCCAy6gAwIBAgIQCO7R53NaPPDmnMbxx46iizANBgkqhkiG9w0BAQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe
Fw0xMTEwMzEwMDAwMDBaFw0xMjEwMzAyMzU5NTlaMIG8MR4wHAYDVQQKExVtYWls
LmNpcGhlcnBoYXJtYS5jb20xOzA5BgNVBAsTMkdvIHRvIGh0dHBzOi8vd3d3LnRo
YXd0ZS5jb20vcmVwb3NpdG9yeS9pbmRleC5odG1sMSIwIAYDVQQLExlUaGF3dGUg
U1NMMTIzIGNlcnRpZmljYXRlMRkwFwYDVQQLExBEb21haW4gVmFsaWRhdGVkMR4w
HAYDVQQDExVtYWlsLmNpcGhlcnBoYXJtYS5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7v1lnbOLWXLD/VG6oGSAPWMSzj+QkerAa/e/KXVzqyJ5o
xtTnik80mdoN9tvK9XTBAscWG15KwyGUJx1TXDPuYl5/YrasrdPEnjlxNQJ0bBjv
5zIgIi22J0QrdthGIuImXyeQR/rRTMubeOqa2rr83Bcojjw5JdOd6slowXuk5aV0
dIYTyTuP+iLs8W5XU9DdjY1+3C7LGQAyV8xHZBU97RAdDZXFL3kEQiTgy5YSqZUt
OhMQvGF5SFJeKDB2oJ1aH5vZMazwhctYMxglMxBV//gWsoWzU7yxEr2EeXb8GXV0
pmq+kEItr2eLdw+w8/KxzQfOYJC2iSHIcmSS2OZbAgMBAAGjgaAwgZ0wDAYDVR0T
AQH/BAIwADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vc3ZyLWR2LWNybC50aGF3
dGUuY29tL1RoYXd0ZURWLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3
dGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQC907NzdPhRmm60YVuWvA0bsABUcSN8
0omG6xbUoTJYPRbvzTR1HrdrSJYCHLqfrqZztwr0JfzG6b5catmUkjMUkQ51qIlA
pvs+8phBYpnHt7uAxkZKgoDCAFSeCUl1IvvTqXcEgvPqDXVtMhDX5+5Gya5sXdfM
YlC6pA7FsC4MBortSQhBXEhAro/UR5FRuDcYEFbE/QrQW6kLuU0iwNVhNgaL8ioM
WpYLi7E7s9glP1QUMtqBEEP76bw5G6FfBgRHuReStm/nCRXMJjMuMeVcHOhcdmMh
IwehLLLpQhDV74O4CywcHP/Nn71mc7zsSO6FJnymu5fdMaYyaeWdUiL8
-----END CERTIFICATE-----
Certificate:
  Data:
    Version: 3 (0x2)
    Serial Number:
      08:ee:d1:e7:73:5a:3c:f0:e6:9c:c6:f1:c7:8e:a2:8b
    Signature Algorithm: sha1WithRSAEncryption
    Issuer:
      countryName         = US
      organizationName      = Thawte, Inc.
      organizationalUnitName  = Domain Validated SSL
      commonName        = Thawte DV SSL CA
    Validity
      Not Before: Oct 31 00:00:00 2011 GMT
      Not After : Oct 30 23:59:59 2012 GMT
    Subject:
      organizationName      = mail.mydomain.com
      organizationalUnitName  = Go to https://www.thawte.com/repository/index.html
      organizationalUnitName  = Thawte SSL123 certificate
      organizationalUnitName  = Domain Validated
      commonName        = mail.mydomain.com
    Subject Public Key Info:
      Public Key Algorithm: rsaEncryption
        Public-Key: (2048 bit)
        Modulus:
          00:bb:bf:59:67:6c:e2:d6:5c:b0:ff:54:6e:a8:19:
          20:0f:58:c4:b3:8f:e4:24:7a:b0:1a:fd:ef:ca:5d:
          5c:ea:c8:9e:68:c6:d4:e7:8a:4f:34:99:da:0d:f6:
          db:ca:f5:74:c1:02:c7:16:1b:5e:4a:c3:21:94:27:
          1d:53:5c:33:ee:62:5e:7f:62:b6:ac:ad:d3:c4:9e:
          39:71:35:02:74:6c:18:ef:e7:32:20:22:2d:b6:27:
          44:2b:76:d8:46:22:e2:26:5f:27:90:47:fa:d1:4c:
          cb:9b:78:ea:9a:da:ba:fc:dc:17:28:8e:3c:39:25:
          d3:9d:ea:c9:68:c1:7b:a4:e5:a5:74:74:86:13:c9:
          3b:8f:fa:22:ec:f1:6e:57:53:d0:dd:8d:8d:7e:dc:
          2e:cb:19:00:32:57:cc:47:64:15:3d:ed:10:1d:0d:
          95:c5:2f:79:04:42:24:e0:cb:96:12:a9:95:2d:3a:
          13:10:bc:61:79:48:52:5e:28:30:76:a0:9d:5a:1f:
          9b:d9:31:ac:f0:85:cb:58:33:18:25:33:10:55:ff:
          f8:16:b2:85:b3:53:bc:b1:12:bd:84:79:76:fc:19:
          75:74:a6:6a:be:90:42:2d:af:67:8b:77:0f:b0:f3:
          f2:b1:cd:07:ce:60:90:b6:89:21:c8:72:64:92:d8:
          e6:5b
        Exponent: 65537 (0x10001)
    X509v3 extensions:
      X509v3 Basic Constraints: critical
        CA:FALSE
      X509v3 CRL Distribution Points:
        Full Name:
          URI:http://svr-dv-crl.thawte.com/ThawteDV.crl
      X509v3 Extended Key Usage:
        TLS Web Server Authentication, TLS Web Client Authentication
      Authority Information Access:
        OCSP - URI:http://ocsp.thawte.com
  Signature Algorithm: sha1WithRSAEncryption
    bd:d3:b3:73:74:f8:51:9a:6e:b4:61:5b:96:bc:0d:1b:b0:00:
    54:71:23:7c:d2:89:86:eb:16:d4:a1:32:58:3d:16:ef:cd:34:
    75:1e:b7:6b:48:96:02:1c:ba:9f:ae:a6:73:b7:0a:f4:25:fc:
    c6:e9:be:5c:6a:d9:94:92:33:14:91:0e:75:a8:89:40:a6:fb:
    3e:f2:98:41:62:99:c7:b7:bb:80:c6:46:4a:82:80:c2:00:54:
    9e:09:49:75:22:fb:d3:a9:77:04:82:f3:ea:0d:75:6d:32:10:
    d7:e7:ee:46:c9:ae:6c:5d:d7:cc:62:50:ba:a4:0e:c5:b0:2e:
    0c:06:8a:ed:49:08:41:5c:48:40:ae:8f:d4:47:91:51:b8:37:
    18:10:56:c4:fd:0a:d0:5b:a9:0b:b9:4d:22:c0:d5:61:36:06:
    8b:f2:2a:0c:5a:96:0b:8b:b1:3b:b3:d8:25:3f:54:14:32:da:
    81:10:43:fb:e9:bc:39:1b:a1:5f:06:04:47:b9:17:92:b6:6f:
    e7:09:15:cc:26:33:2e:31:e5:5c:1c:e8:5c:76:63:21:23:07:
    a1:2c:b2:e9:42:10:d5:ef:83:b8:0b:2c:1c:1c:ff:cd:9f:bd:
    66:73:bc:ec:48:ee:85:26:7c:a6:bb:97:dd:31:a6:32:69:e5:
    9d:52:22:fc
                   
[000.742]      ssl       Certificate 2 of 3 in chain:
-----BEGIN CERTIFICATE-----
MIIERjCCAy6gAwIBAgIQCO7R53NaPPDmnMbxx46iizANBgkqhkiG9w0BAQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe
Fw0xMTEwMzEwMDAwMDBaFw0xMjEwMzAyMzU5NTlaMIG8MR4wHAYDVQQKExVtYWls
LmNpcGhlcnBoYXJtYS5jb20xOzA5BgNVBAsTMkdvIHRvIGh0dHBzOi8vd3d3LnRo
YXd0ZS5jb20vcmVwb3NpdG9yeS9pbmRleC5odG1sMSIwIAYDVQQLExlUaGF3dGUg
U1NMMTIzIGNlcnRpZmljYXRlMRkwFwYDVQQLExBEb21haW4gVmFsaWRhdGVkMR4w
HAYDVQQDExVtYWlsLmNpcGhlcnBoYXJtYS5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7v1lnbOLWXLD/VG6oGSAPWMSzj+QkerAa/e/KXVzqyJ5o
xtTnik80mdoN9tvK9XTBAscWG15KwyGUJx1TXDPuYl5/YrasrdPEnjlxNQJ0bBjv
5zIgIi22J0QrdthGIuImXyeQR/rRTMubeOqa2rr83Bcojjw5JdOd6slowXuk5aV0
dIYTyTuP+iLs8W5XU9DdjY1+3C7LGQAyV8xHZBU97RAdDZXFL3kEQiTgy5YSqZUt
OhMQvGF5SFJeKDB2oJ1aH5vZMazwhctYMxglMxBV//gWsoWzU7yxEr2EeXb8GXV0
pmq+kEItr2eLdw+w8/KxzQfOYJC2iSHIcmSS2OZbAgMBAAGjgaAwgZ0wDAYDVR0T
AQH/BAIwADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vc3ZyLWR2LWNybC50aGF3
dGUuY29tL1RoYXd0ZURWLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3
dGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQC907NzdPhRmm60YVuWvA0bsABUcSN8
0omG6xbUoTJYPRbvzTR1HrdrSJYCHLqfrqZztwr0JfzG6b5catmUkjMUkQ51qIlA
pvs+8phBYpnHt7uAxkZKgoDCAFSeCUl1IvvTqXcEgvPqDXVtMhDX5+5Gya5sXdfM
YlC6pA7FsC4MBortSQhBXEhAro/UR5FRuDcYEFbE/QrQW6kLuU0iwNVhNgaL8ioM
WpYLi7E7s9glP1QUMtqBEEP76bw5G6FfBgRHuReStm/nCRXMJjMuMeVcHOhcdmMh
IwehLLLpQhDV74O4CywcHP/Nn71mc7zsSO6FJnymu5fdMaYyaeWdUiL8
-----END CERTIFICATE-----
Certificate:
  Data:
    Version: 3 (0x2)
    Serial Number:
      08:ee:d1:e7:73:5a:3c:f0:e6:9c:c6:f1:c7:8e:a2:8b
    Signature Algorithm: sha1WithRSAEncryption
    Issuer:
      countryName         = US
      organizationName      = Thawte, Inc.
      organizationalUnitName  = Domain Validated SSL
      commonName        = Thawte DV SSL CA
    Validity
      Not Before: Oct 31 00:00:00 2011 GMT
      Not After : Oct 30 23:59:59 2012 GMT
    Subject:
      organizationName      = mail.mydomain.com
      organizationalUnitName  = Go to https://www.thawte.com/repository/index.html
      organizationalUnitName  = Thawte SSL123 certificate
      organizationalUnitName  = Domain Validated
      commonName        = mail.mydomain.com
    Subject Public Key Info:
      Public Key Algorithm: rsaEncryption
        Public-Key: (2048 bit)
        Modulus:
          00:bb:bf:59:67:6c:e2:d6:5c:b0:ff:54:6e:a8:19:
          20:0f:58:c4:b3:8f:e4:24:7a:b0:1a:fd:ef:ca:5d:
          5c:ea:c8:9e:68:c6:d4:e7:8a:4f:34:99:da:0d:f6:
          db:ca:f5:74:c1:02:c7:16:1b:5e:4a:c3:21:94:27:
          1d:53:5c:33:ee:62:5e:7f:62:b6:ac:ad:d3:c4:9e:
          39:71:35:02:74:6c:18:ef:e7:32:20:22:2d:b6:27:
          44:2b:76:d8:46:22:e2:26:5f:27:90:47:fa:d1:4c:
          cb:9b:78:ea:9a:da:ba:fc:dc:17:28:8e:3c:39:25:
          d3:9d:ea:c9:68:c1:7b:a4:e5:a5:74:74:86:13:c9:
          3b:8f:fa:22:ec:f1:6e:57:53:d0:dd:8d:8d:7e:dc:
          2e:cb:19:00:32:57:cc:47:64:15:3d:ed:10:1d:0d:
          95:c5:2f:79:04:42:24:e0:cb:96:12:a9:95:2d:3a:
          13:10:bc:61:79:48:52:5e:28:30:76:a0:9d:5a:1f:
          9b:d9:31:ac:f0:85:cb:58:33:18:25:33:10:55:ff:
          f8:16:b2:85:b3:53:bc:b1:12:bd:84:79:76:fc:19:
          75:74:a6:6a:be:90:42:2d:af:67:8b:77:0f:b0:f3:
          f2:b1:cd:07:ce:60:90:b6:89:21:c8:72:64:92:d8:
          e6:5b
        Exponent: 65537 (0x10001)
    X509v3 extensions:
      X509v3 Basic Constraints: critical
        CA:FALSE
      X509v3 CRL Distribution Points:
        Full Name:
          URI:http://svr-dv-crl.thawte.com/ThawteDV.crl
      X509v3 Extended Key Usage:
        TLS Web Server Authentication, TLS Web Client Authentication
      Authority Information Access:
        OCSP - URI:http://ocsp.thawte.com
  Signature Algorithm: sha1WithRSAEncryption
    bd:d3:b3:73:74:f8:51:9a:6e:b4:61:5b:96:bc:0d:1b:b0:00:
    54:71:23:7c:d2:89:86:eb:16:d4:a1:32:58:3d:16:ef:cd:34:
    75:1e:b7:6b:48:96:02:1c:ba:9f:ae:a6:73:b7:0a:f4:25:fc:
    c6:e9:be:5c:6a:d9:94:92:33:14:91:0e:75:a8:89:40:a6:fb:
    3e:f2:98:41:62:99:c7:b7:bb:80:c6:46:4a:82:80:c2:00:54:
    9e:09:49:75:22:fb:d3:a9:77:04:82:f3:ea:0d:75:6d:32:10:
    d7:e7:ee:46:c9:ae:6c:5d:d7:cc:62:50:ba:a4:0e:c5:b0:2e:
    0c:06:8a:ed:49:08:41:5c:48:40:ae:8f:d4:47:91:51:b8:37:
    18:10:56:c4:fd:0a:d0:5b:a9:0b:b9:4d:22:c0:d5:61:36:06:
    8b:f2:2a:0c:5a:96:0b:8b:b1:3b:b3:d8:25:3f:54:14:32:da:
    81:10:43:fb:e9:bc:39:1b:a1:5f:06:04:47:b9:17:92:b6:6f:
    e7:09:15:cc:26:33:2e:31:e5:5c:1c:e8:5c:76:63:21:23:07:
    a1:2c:b2:e9:42:10:d5:ef:83:b8:0b:2c:1c:1c:ff:cd:9f:bd:
    66:73:bc:ec:48:ee:85:26:7c:a6:bb:97:dd:31:a6:32:69:e5:
    9d:52:22:fc
                   
[000.812]      ssl       Certificate 3 of 3 in chain:
-----BEGIN CERTIFICATE-----
MIIERjCCAy6gAwIBAgIQCO7R53NaPPDmnMbxx46iizANBgkqhkiG9w0BAQUFADBe
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMVGhhd3RlLCBJbmMuMR0wGwYDVQQLExRE
b21haW4gVmFsaWRhdGVkIFNTTDEZMBcGA1UEAxMQVGhhd3RlIERWIFNTTCBDQTAe
Fw0xMTEwMzEwMDAwMDBaFw0xMjEwMzAyMzU5NTlaMIG8MR4wHAYDVQQKExVtYWls
LmNpcGhlcnBoYXJtYS5jb20xOzA5BgNVBAsTMkdvIHRvIGh0dHBzOi8vd3d3LnRo
YXd0ZS5jb20vcmVwb3NpdG9yeS9pbmRleC5odG1sMSIwIAYDVQQLExlUaGF3dGUg
U1NMMTIzIGNlcnRpZmljYXRlMRkwFwYDVQQLExBEb21haW4gVmFsaWRhdGVkMR4w
HAYDVQQDExVtYWlsLmNpcGhlcnBoYXJtYS5jb20wggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7v1lnbOLWXLD/VG6oGSAPWMSzj+QkerAa/e/KXVzqyJ5o
xtTnik80mdoN9tvK9XTBAscWG15KwyGUJx1TXDPuYl5/YrasrdPEnjlxNQJ0bBjv
5zIgIi22J0QrdthGIuImXyeQR/rRTMubeOqa2rr83Bcojjw5JdOd6slowXuk5aV0
dIYTyTuP+iLs8W5XU9DdjY1+3C7LGQAyV8xHZBU97RAdDZXFL3kEQiTgy5YSqZUt
OhMQvGF5SFJeKDB2oJ1aH5vZMazwhctYMxglMxBV//gWsoWzU7yxEr2EeXb8GXV0
pmq+kEItr2eLdw+w8/KxzQfOYJC2iSHIcmSS2OZbAgMBAAGjgaAwgZ0wDAYDVR0T
AQH/BAIwADA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vc3ZyLWR2LWNybC50aGF3
dGUuY29tL1RoYXd0ZURWLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3
dGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQC907NzdPhRmm60YVuWvA0bsABUcSN8
0omG6xbUoTJYPRbvzTR1HrdrSJYCHLqfrqZztwr0JfzG6b5catmUkjMUkQ51qIlA
pvs+8phBYpnHt7uAxkZKgoDCAFSeCUl1IvvTqXcEgvPqDXVtMhDX5+5Gya5sXdfM
YlC6pA7FsC4MBortSQhBXEhAro/UR5FRuDcYEFbE/QrQW6kLuU0iwNVhNgaL8ioM
WpYLi7E7s9glP1QUMtqBEEP76bw5G6FfBgRHuReStm/nCRXMJjMuMeVcHOhcdmMh
IwehLLLpQhDV74O4CywcHP/Nn71mc7zsSO6FJnymu5fdMaYyaeWdUiL8
-----END CERTIFICATE-----
Certificate:
  Data:
    Version: 3 (0x2)
    Serial Number:
      08:ee:d1:e7:73:5a:3c:f0:e6:9c:c6:f1:c7:8e:a2:8b
    Signature Algorithm: sha1WithRSAEncryption
    Issuer:
      countryName         = US
      organizationName      = Thawte, Inc.
      organizationalUnitName  = Domain Validated SSL
      commonName        = Thawte DV SSL CA
    Validity
      Not Before: Oct 31 00:00:00 2011 GMT
      Not After : Oct 30 23:59:59 2012 GMT
    Subject:
      organizationName      = mail.mydomain.com
      organizationalUnitName  = Go to https://www.thawte.com/repository/index.html
      organizationalUnitName  = Thawte SSL123 certificate
      organizationalUnitName  = Domain Validated
      commonName        = mail.mydomain.com
    Subject Public Key Info:
      Public Key Algorithm: rsaEncryption
        Public-Key: (2048 bit)
        Modulus:
          00:bb:bf:59:67:6c:e2:d6:5c:b0:ff:54:6e:a8:19:
          20:0f:58:c4:b3:8f:e4:24:7a:b0:1a:fd:ef:ca:5d:
          5c:ea:c8:9e:68:c6:d4:e7:8a:4f:34:99:da:0d:f6:
          db:ca:f5:74:c1:02:c7:16:1b:5e:4a:c3:21:94:27:
          1d:53:5c:33:ee:62:5e:7f:62:b6:ac:ad:d3:c4:9e:
          39:71:35:02:74:6c:18:ef:e7:32:20:22:2d:b6:27:
          44:2b:76:d8:46:22:e2:26:5f:27:90:47:fa:d1:4c:
          cb:9b:78:ea:9a:da:ba:fc:dc:17:28:8e:3c:39:25:
          d3:9d:ea:c9:68:c1:7b:a4:e5:a5:74:74:86:13:c9:
          3b:8f:fa:22:ec:f1:6e:57:53:d0:dd:8d:8d:7e:dc:
          2e:cb:19:00:32:57:cc:47:64:15:3d:ed:10:1d:0d:
          95:c5:2f:79:04:42:24:e0:cb:96:12:a9:95:2d:3a:
          13:10:bc:61:79:48:52:5e:28:30:76:a0:9d:5a:1f:
          9b:d9:31:ac:f0:85:cb:58:33:18:25:33:10:55:ff:
          f8:16:b2:85:b3:53:bc:b1:12:bd:84:79:76:fc:19:
          75:74:a6:6a:be:90:42:2d:af:67:8b:77:0f:b0:f3:
          f2:b1:cd:07:ce:60:90:b6:89:21:c8:72:64:92:d8:
          e6:5b
        Exponent: 65537 (0x10001)
    X509v3 extensions:
      X509v3 Basic Constraints: critical
        CA:FALSE
      X509v3 CRL Distribution Points:
        Full Name:
          URI:http://svr-dv-crl.thawte.com/ThawteDV.crl
      X509v3 Extended Key Usage:
        TLS Web Server Authentication, TLS Web Client Authentication
      Authority Information Access:
        OCSP - URI:http://ocsp.thawte.com
  Signature Algorithm: sha1WithRSAEncryption
    bd:d3:b3:73:74:f8:51:9a:6e:b4:61:5b:96:bc:0d:1b:b0:00:
    54:71:23:7c:d2:89:86:eb:16:d4:a1:32:58:3d:16:ef:cd:34:
    75:1e:b7:6b:48:96:02:1c:ba:9f:ae:a6:73:b7:0a:f4:25:fc:
    c6:e9:be:5c:6a:d9:94:92:33:14:91:0e:75:a8:89:40:a6:fb:
    3e:f2:98:41:62:99:c7:b7:bb:80:c6:46:4a:82:80:c2:00:54:
    9e:09:49:75:22:fb:d3:a9:77:04:82:f3:ea:0d:75:6d:32:10:
    d7:e7:ee:46:c9:ae:6c:5d:d7:cc:62:50:ba:a4:0e:c5:b0:2e:
    0c:06:8a:ed:49:08:41:5c:48:40:ae:8f:d4:47:91:51:b8:37:
    18:10:56:c4:fd:0a:d0:5b:a9:0b:b9:4d:22:c0:d5:61:36:06:
    8b:f2:2a:0c:5a:96:0b:8b:b1:3b:b3:d8:25:3f:54:14:32:da:
    81:10:43:fb:e9:bc:39:1b:a1:5f:06:04:47:b9:17:92:b6:6f:
    e7:09:15:cc:26:33:2e:31:e5:5c:1c:e8:5c:76:63:21:23:07:
    a1:2c:b2:e9:42:10:d5:ef:83:b8:0b:2c:1c:1c:ff:cd:9f:bd:
    66:73:bc:ec:48:ee:85:26:7c:a6:bb:97:dd:31:a6:32:69:e5:
    9d:52:22:fc
                   
[000.812]            Cert NOT VALIDATED: unable to get local issuer certificate
[000.812]            So email is encrypted but the domain is not verified
[000.813]      ssl      : scheme=http cert=34553944
: identity=mail.mydomain.com cn=mail.mydomain.com alt=
[000.813]            Cert Hostname VERIFIED (mail.mydomain.com)
[000.813]      ~~>      EHLO checktls.com
[000.814]      ssl      write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1890
partial `EHLO checktls.com
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1893
written so far 19:19 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 2012
[000.979]      ssl      got `250 SIZE 31457280
' (19:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/debug_read.al) line 1837
[000.979]      <~~      250-mail.mydomain.com
250-8BITMIME
250-ENHANCEDSTATUSCODES
250-DSN
250 SIZE 31457280
[000.980]            TLS successfully started on this server
[000.980]      ~~>      MAIL FROM: <test@checktls.com>
[000.981]      ssl      write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1890
partial `MAIL FROM:
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1893
written so far 32:32 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 2012

[001.060]      ssl      got `250 2.1.0 MAIL ok
' (19:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/debug_read.al) line 1837
[001.061]      <~~      250 2.1.0 MAIL ok
[001.061]            Sender is OK
[001.061]      ~~>      RCPT TO: <jchan@mydomain.com>
[001.062]      ssl      write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1890
partial `RCPT TO:
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1893
written so far 35:35 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 2012

[001.143]      ssl      got `250 2.0.0 Ok
' (14:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/debug_read.al) line 1837
[001.143]      <~~      250 2.0.0 Ok
[001.143]            Recipient OK, E-mail address proofed
[001.144]      ~~>      QUIT
[001.145]      ssl      write_all VM at entry=vm_unknown
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1890
partial `QUIT
'
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 1893
written so far 6:6 bytes (VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/ssl_write_all.al) line 2012
[001.224]      ssl      got `221 2.0.0 Bye
' (15:0 bytes, VM=vm_unknown)
at blib/lib/Net/SSLeay.pm (autosplit into blib/lib/auto/Net/SSLeay/debug_read.al) line 1837
[001.224]      <~~      221 2.0.0 Bye
[001.228]      ssl      : free ctx 33617352 open=33617352
: free ctx 33617352 callback
: OK free ctx 33617352



Comment
Watch Question
Commented:
This problem has been solved!
Unlock 2 Answers and 4 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE