When using latest version ot openssl for TLS connection gives the following error:
139640766993728:error:141A318A: SSL routines:tls_process_ske_dhe:dh key too small:../ssl/statem/statem_clnt.c:2156:
or with qmail + TLS patchqmail deferral: TLS_connect_failed:_error:141A318A: SSL_routines:tls_process_ske_dhe:dh_key_too_small...
Edit your openssl.cnf file (Debian - /etc/ssl/openssl.cnf):
[system_default_sect]change CipherString default to 1:
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2
[system_default_sect]Less secure but it works.
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=1