Backup is fine by the way.
- macOS Sequoia 15.5, M2
- Duplicati 2.1.0.5_stable_2025-03-04
- Run as service via launchctl
- Mail response configured with starttls smtp
- Other clients correctly use the same smtp server from the same machine, including openssl
- Openssl shows no errors in certificates presented by the smtp server
- It was, and still is, a Let’s Encrypt certificate chain on the smtp server side
History:
- this setup worked fine before a gracefull sutdown of the machine for nearly 8 days (short vacation)
- in that period the server certificates (Let’s Encrypt) were renewed, they show no errors and this is a normal, frequent process that never results in errors.
- from the first backup after the start up of the machine it shows the MailKit error
- A restart of the machine, a restart of the service, checking the smtp connection, checking the certificates, following the MailKit troubleshooting tips all look working fine and do not give any clue on what could be wrong.
What are options to investigate further? What certificate store does MailKit within Duplicati use? How to check that certificate store? How to debug this issue?
Any pointer to eable further investigation is appreciated.
Full Error message:
- [Warning-Duplicati.Library.Modules.Builtin.ReportHelper-ReportSubmitError]: Failed to send message: MailKit.Security.SslHandshakeException: An error occurred while attempting to establish an SSL or TLS connection. The SSL certificate presented by the server is not trusted by the system for one or more of the following reasons: 1. The server is using a self-signed certificate which cannot be verified. 2. The local system is missing a Root or Intermediate certificate needed to verify the server’s certificate. 3. The certificate presented by the server is expired or invalid. See MailKit/FAQ.md at master · jstedfast/MailKit · GitHub for possible solutions. → System.Security.Authentication.AuthenticationException: The remote certificate was rejected by the provided RemoteCertificateValidationCallback. SslHandshakeException: An error occurred while attempting to establish an SSL or TLS connection. The SSL certificate presented by the server is not trusted by the system for one or more of the following reasons: 1. The server is using a self-signed certificate which cannot be verified. 2. The local system is missing a Root or Intermediate certificate needed to verify the server’s certificate. 3. The certificate presented by the server is expired or invalid. See MailKit/FAQ.md at master · jstedfast/MailKit · GitHub for possible solutions.