Re: [Dovecot] TLS Issue

2010-07-12 Thread Heiko Schlittermann
Leander S. leander.schae...@googlemail.com (Sa 10 Jul 2010 23:14:45 CEST):
> Hi,
>
> I use Postfix & Dovecot with TLS / SSL - it authenticates / works
> fine - except I'm always getting these ugly SSL cert warning messages
> with MTAs.
> It says the following:
>
> You have attempted to establish a connection with server.
> However, the security certificate presented belongs to *.server.
> It is possible, though unlikely, that someone may be trying to
> intercept your communication with this web site.

Web site?

> Is there a server-side solution so that I won't get that any more?
> Why is * as a wildcard not working? I wonder how Gmail or other
> providers solve that issue

Whether a wildcard is accepted depends on the client. Some clients enforce
at least two labels (domains) following the wildcard (like:
*.example.com).

Why do you really need a wildcard cert?

Best regards from Dresden/Germany
Greetings from Dresden
Heiko Schlittermann
-- 
 SCHLITTERMANN.de  internet  unix support -
 Heiko Schlittermann HS12-RIPE -
 gnupg encrypted messages are welcome - key ID: 48D0359B ---
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -




[Dovecot] TLS Issue

2010-07-10 Thread Leander S.

Hi,

I use Postfix & Dovecot with TLS / SSL - it authenticates / works fine - 
except I'm always getting these ugly SSL cert warning messages with MTAs.

It says the following:


You have attempted to establish a connection with server. However, 
the security certificate presented belongs to *.server. It is 
possible, though unlikely, that someone may be trying to intercept your 
communication with this web site.



Is there a server-side solution so that I won't get that any more? Why is * 
as a wildcard not working? I wonder how Gmail or other providers solve 
that issue



Regards


Re: [Dovecot] TLS Issue

2010-07-10 Thread Brandon Davidson
Leander,

On 7/10/10 2:14 PM, Leander S. leander.schae...@googlemail.com wrote:
> You have attempted to establish a connection with server. However,
> the security certificate presented belongs to *.server. It is
> possible, though unlikely, that someone may be trying to intercept your
> communication with this web site.

IIRC, wildcard certificates are only valid for subdomains. *.domain.com
would be valid for a.domain.com, b.domain.com, but not domain.com. It also
relies upon the client supporting wildcard certs.

-Brad
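
The wildcard rules described in the replies above, as an added example that is not part of the original thread: the `*` covers exactly one left-most label, never the bare domain, and a strict client may require at least two labels after it. The function names, the `min_suffix_labels` parameter and the hostnames are hypothetical and constructed for illustration; real clients differ in how strictly they apply these checks.

```python
# Added illustration of left-most-label wildcard matching.
# Names and sample hostnames are constructed, not taken from any client.

def wildcard_matches(pattern, hostname, min_suffix_labels=2):
    """Return True if certificate name `pattern` covers `hostname`.

    min_suffix_labels models client strictness: how many labels must
    follow the '*' (2 accepts '*.example.com' but rejects '*.server').
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")

    if "*" not in pattern:
        return p_labels == h_labels  # plain name: case-insensitive equality

    # Only a whole left-most label may be the wildcard.
    if p_labels[0] != "*" or any("*" in label for label in p_labels[1:]):
        return False
    suffix = p_labels[1:]
    if len(suffix) < min_suffix_labels:
        return False  # e.g. '*.server' under a two-label policy
    # '*' stands for exactly one non-empty label, so the label counts must
    # be equal: 'example.com' and 'a.b.example.com' both fail here.
    if len(h_labels) != len(p_labels) or not h_labels[0]:
        return False
    return h_labels[1:] == suffix


def covering_names(cert_names, hostname, min_suffix_labels=2):
    """Names in the certificate that cover `hostname`; empty means a warning."""
    return [n for n in cert_names
            if wildcard_matches(n, hostname, min_suffix_labels)]


if __name__ == "__main__":
    samples = [
        ("*.example.com", "mail.example.com"),
        ("*.example.com", "example.com"),
        ("*.example.com", "a.b.example.com"),
        ("*.server", "server"),
        ("*.server", "mail.server"),
    ]
    for pattern, host in samples:
        print(f"{pattern:15} vs {host:18} -> {wildcard_matches(pattern, host)}")
```

A certificate meant to serve both the bare domain and its subdomains therefore has to list both names, which is what `covering_names` checks.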