<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Am 07.03.2018 um 17:00 schrieb Andrew Nichols via Info-cyrus:<br>
<blockquote type="cite"
cite="mid:CFEAE31B-5955-4D45-AB43-1002D317D8C6@quadrant.net">
<pre wrap="">
Hello,
We run a cyrus-imap 2.5.11 server under FreeBSD and we are experiencing issues with TLS/STARTTLS negotiation failed entries in the log, which show as timeouts on the client side. It’s all different email clients and even our monitoring experiencing these failures. Other TLS services (https mostly) on the same server do not have these failures. There are also times when these errors ramp up and happen to most TLS clients, which is only solved by restarting cyrus. Has anyone else experiences these issues or have any tips on where to look to figure out the root cause?</pre>
</blockquote>
<br>
Has your server enough entropy?<br>
Specially cloud servers with no physical ports can run low on
entropy and the random number generator used for SSL/TLS stuff needs
to way until it is filled up again.<br>
<br>
<p>To check the amount of bytes of entropy currently available, use</p>
<pre><code>cat /proc/sys/kernel/random/entropy_avail
>From <a class="moz-txt-link-freetext" href="https://serverfault.com/questions/214605/gpg-does-not-have-enough-entropy">https://serverfault.com/questions/214605/gpg-does-not-have-enough-entropy</a></code>
</pre>
<br>
André<br>
</body>
</html>