Re: [Dovecot] TLS Issue
Leander S. leander.schae...@googlemail.com (Sa 10 Jul 2010 23:14:45 CEST): Hi, I use Postfix Dovecot with TLS / SSL - it authenticates / works fine - except I'm always getting this ugly SSL cert warning messages mit MTAs. It says that the following: You have attempted to establish a connection with server. However, the security certificate presented belongs to *.server. It is possible, though unlikely, that someone may be trying to intercept your communication with this web site. Web site? Is there a serverside solution that I wont get that any more? Why is * as a wildcard not working? Iwonder How gMail or other providers solve that issue If a wildcard is accepted, depends on the client. Some clients enforce at least two labels (domains) following the wildcard (like: *.example.com). Why do you really need a wildcard cert? Best regards from Dresden/Germany Viele Grüße aus Dresden Heiko Schlittermann -- SCHLITTERMANN.de internet unix support - Heiko Schlittermann HS12-RIPE - gnupg encrypted messages are welcome - key ID: 48D0359B --- gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B - signature.asc Description: Digital signature
[Dovecot] TLS Issue
Hi, I use Postfix Dovecot with TLS / SSL - it authenticates / works fine - except I'm always getting this ugly SSL cert warning messages mit MTAs. It says that the following: You have attempted to establish a connection with server. However, the security certificate presented belongs to *.server. It is possible, though unlikely, that someone may be trying to intercept your communication with this web site. Is there a serverside solution that I wont get that any more? Why is * as a wildcard not working? Iwonder How gMail or other providers solve that issue Regards
Re: [Dovecot] TLS Issue
Leander, On 7/10/10 2:14 PM, Leander S. leander.schae...@googlemail.com wrote: You have attempted to establish a connection with server. However, the security certificate presented belongs to *.server. It is possible, though unlikely, that someone may be trying to intercept your communication with this web site. IIRC, wildcard certificates are only valid for subdomains. *.domain.com would be valid for a.domain.com, b.domain.com, but not domain.com. It also relies upon the client supporting wildcard certs. -Brad