I'm following the steps listed in the documentation and I can get a successful connection, but attempting to actually send an email gets a 250 Ok response but no message ID, and no message is sent to my inbox.
openssl s_client -crlf -starttls smtp -connect email-smtp.us-east-1.amazonaws.com:587 0<input.txt
CONNECTED(000002F4)
depth=3 C = US, ST = Arizona, L = Scottsdale, O = "Starfield Technologies, Inc.", CN = Starfield Services Root Certificate Authority - G2
verify error:num=20:unable to get local issuer certificate
---
Certificate chain
0 s:/CN=email-smtp.us-east-1.amazonaws.com
i:/C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
1 s:/C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
i:/C=US/O=Amazon/CN=Amazon Root CA 1
2 s:/C=US/O=Amazon/CN=Amazon Root CA 1
i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
3 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
<super long server certificate>
-----END CERTIFICATE-----
subject=/CN=email-smtp.us-east-1.amazonaws.com
issuer=/C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 5292 bytes and written 469 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 5B1EDC39B0B80D50AEAEF28A1F7E49846B77A4B9FF5A7BA347A620F56F9D0FE8
Session-ID-ctx:
Master-Key: <Long master key>
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1528749113
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
250 Ok
421 Timeout waiting for data from client.
closed
The main thing that has me worried is this: Verify return code: 20 (unable to get local issuer certificate)
which isn't mentioned anywhere in the documentation and makes me wonder if I'm supposed to be sending a cert of some sort. My input file looks like this:
EHLO domain.com
AUTH LOGIN
smtp_username
smtp_password line 1
smtp_password line 2
MAIL FROM: verified_email1@domain.com
RCPT TO: verified_email1@domain.com
DATA
From: Sender Name <verified_email1@domain.com>
To: verified_email1@domain.com
Subject: Amazon SES SMTP Test
This message was sent using the Amazon SES SMTP interface.
.
QUIT
Does anyone have any idea what I'm doing wrong? I am attempting to do this on a Windows 10 OS using OpenSSL for Windows, if that could be the problem, but considering the fact that I get all the way to a 250 Ok, I don't think that's the issue.
Turns out the issue is the Windows version of OpenSSL. Running the exact same command on a Linux machine works just fine. Leaving the answer here and closing just in case someone else follows in my footsteps and wonders why their Windows version isn't working.
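A triage helper for transcripts like the one in the question, added here as an example and not part of the original post or the AWS documentation: it reads the `Verify return code` and the SMTP reply codes to show whether authentication (235) or message acceptance (a 250 that follows 354) was ever reached. The function name, the result keys and the second transcript are constructed for illustration.

```python
import re

REPLY = re.compile(r"^(\d{3})([ -])")            # SMTP reply line: code + separator
VERIFY = re.compile(r"Verify return code: (\d+)")

def summarize(transcript):
    """Report how far the SMTP dialogue in an s_client transcript got."""
    out = {"verify_code": None, "authenticated": False,
           "message_accepted": False, "server_closed": False}
    after_data = False                   # True between 354 and the next reply
    for raw in transcript.splitlines():
        line = raw.strip()
        v = VERIFY.search(line)
        if v:                            # result of checking the server's chain
            out["verify_code"] = int(v.group(1))
            continue
        r = REPLY.match(line)
        if not r or r.group(2) == "-":   # not a reply, or a "250-" continuation
            continue
        code = r.group(1)
        if after_data:                   # this reply answers the message body
            out["message_accepted"] = code == "250"
            after_data = False
        if code == "235":                # AUTH succeeded
            out["authenticated"] = True
        elif code == "354":              # server is waiting for the message body
            after_data = True
        elif code == "421":              # server is closing the connection
            out["server_closed"] = True
    return out

# Excerpt of the transcript quoted in the question.
FAILED = """Verify return code: 20 (unable to get local issuer certificate)
250 Ok
421 Timeout waiting for data from client.
"""

# Constructed transcript of a dialogue that completes (placeholder values).
COMPLETE = """Verify return code: 0 (ok)
250-example.invalid
250 Ok
334 VXNlcm5hbWU6
334 UGFzc3dvcmQ6
235 Authentication successful.
250 Ok
250 Ok
354 End data with <CR><LF>.<CR><LF>
250 Ok <constructed-message-id>
"""
print(summarize(FAILED))
```

For the question's transcript the summary shows no 235 and no 354 before the 421, so the server closed the connection before any authentication or message data was acknowledged.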