Am 02.01.22 um 17:11 schrieb Karsten:
Basically you can install the self-signed certificate (if you or a
trusted party signed it, and you have transmitted it over a secure
channel, for instance, via SFTP or SCP) into the trust store (assuming
it suits both the TLS server and the signing CA roles
Am 02.01.22 um 16:07 schrieb Matthias Andree:
> Am 02.01.22 um 14:03 schrieb Karsten:
>> Am 02.01.22 um 12:15 schrieb Matthias Andree:
I am the owner of the domain so nobody is hijacked!
>>> Are you the owner of "mydomain.de" or of the unnamed domain you intended
>>> not to show to the
Am 02.01.22 um 15:28 schrieb Matthias Andree:
>>> Untrue. Messages were fetched without proper protection from
>>> MITM/eavesdropping attacks, unless you were using *other* options to
>>> ensure authenticity of the server. Which I doubt, else you would have
>>> asked specific questions about
Am 02.01.22 um 14:03 schrieb Karsten:
Am 02.01.22 um 12:15 schrieb Matthias Andree:
I am the owner of the domain so nobody is hijacked!
Are you the owner of "mydomain.de" or of the unnamed domain you intended
not to show to the public?
Do you want to help with this new certificate issue or
Am 02.01.22 um 14:24 schrieb Karsten:
Am 02.01.22 um 12:28 schrieb Matthias Andree:
But it would be helpful for others what must be done to create and install this new
"client side certificate" that
appears about 2018?
I think the certificate issue was there right from the beginning.
Am 02.01.22 um 12:28 schrieb Matthias Andree:
> But it would be helpful for others what must be done to create and install
> this new "client side certificate" that
appears about 2018?
>>> I think the certificate issue was there right from the beginning.
>> Definitely no. Mails where
Am 02.01.22 um 12:15 schrieb Matthias Andree:
>> I am the owner of the domain so nobody is hijacked!
>
> Are you the owner of "mydomain.de" or of the unnamed domain you intended
> not to show to the public?
Do you want to help with this new certificate issue or discuss the ownership of
domains?
Am 02.01.22 um 11:54 schrieb Karsten:
Am 01.01.22 um 17:53 schrieb László Böszörményi (GCS):
On Sat, Jan 1, 2022 at 2:30 PM Karsten wrote:
But it would be helpful for others what must be done to create and install this new
"client side certificate" that
appears about 2018?
I think the
Am 01.01.22 um 14:26 schrieb Karsten:
Hello Matthias,
Am 01.01.22 um 14:10 schrieb Matthias Andree:
Notice something?
i notice everything. :-)
You hijack somebody else's domain for "anonymization" purposes and
expect someone to help you, and you did not respond to hints the server
CA's
Am 01.01.22 um 17:53 schrieb László Böszörményi (GCS):
> On Sat, Jan 1, 2022 at 2:30 PM Karsten wrote:
>> But it would be helpful for others what must be done to create and install
>> this new "client side certificate" that
>> appears about 2018?
> I think the certificate issue was there right
On Sat, Jan 1, 2022 at 2:30 PM Karsten wrote:
> But it would be helpful for others what must be done to create and install
> this new "client side certificate" that
> appears about 2018?
I think the certificate issue was there right from the beginning.
OpenSSL might not have forced its usage or
Hello Matthias,
Am 01.01.22 um 14:10 schrieb Matthias Andree:
> Notice something?
i notice everything. :-)
>
> You hijack somebody else's domain for "anonymization" purposes and
> expect someone to help you, and you did not respond to hints the server
> CA's signing certificate might be
Hello Matthias,
Am 31.12.21 um 20:05 schrieb Matthias Andree:
>> What must be done to get it working again?
This question has not been answered.
I could only find out that this problems did arrive with the introduction of
TLS1.3.
> Unless you own "mydomain.de" you've now hit innocent
Happy new year Karsten.
Am 01.01.22 um 13:53 schrieb Karsten:
Hello Matthias,
Am 31.12.21 um 20:05 schrieb Matthias Andree:
What must be done to get it working again?
This question has not been answered.
[...]
The security relevant logdata is of course anonymized or altered.
Notice
On Fri, Dec 31, 2021 at 8:09 PM Matthias Andree wrote:
> > The log says:
[...]
> > fetchmail: Server certificate verification error: self signed certificate
> > fetchmail: Missing trust anchor certificate:
[...]
> > What must be done to get it working again?
Snipped to the relevant part of the
Am 31.12.21 um 16:32 schrieb Karsten:
Package: fetchmail
Version: 6.4.16-4+deb11u1
Severity: important
I upgraded the server from Debian 9 to 11 and afterwards it seems not possible
to get fetchmail to work.
I tried every possible option of ssl and sslproto, but fetchmail can't fetch
the
Hi Karsten,
On Fri, Dec 31, 2021 at 4:36 PM Karsten wrote:
> I upgraded the server from Debian 9 to 11 and afterwards it seems not
> possible to get fetchmail to work.
>
> I tried every possible option of ssl and sslproto, but fetchmail can't fetch
> the mails.
> The log says:
[...]
>
Package: fetchmail
Version: 6.4.16-4+deb11u1
Severity: important
I upgraded the server from Debian 9 to 11 and afterwards it seems not possible
to get fetchmail to work.
I tried every possible option of ssl and sslproto, but fetchmail can't fetch
the mails.
The log says:
fetchmail: Trying to
18 matches
Mail list logo