On Fri, Aug 30, 2019 at 08:23:06PM +1000, Ross L Richardson wrote: > > >Synopsis: smtp(1) - fails to verify certificate, dumps core >[...]
The recent update fixed the core dump [thanks!], but there is still a problem with certificate validation. nc(1) considers the certificate to be valid... $ nc -cvz smtp.fastmail.com smtps Connection to smtp.fastmail.com 465 port [tcp/smtps] succeeded! TLS handshake negotiated TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384 with host smtp.fastmail.com Peer name: smtp.fastmail.com Subject: /C=AU/L=Melbourne/O=FastMail Pty Ltd/CN=*.fastmail.com Issuer: /C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA Valid From: Fri Sep 22 10:00:00 2017 Valid Until: Fri Oct 9 23:00:00 2020 Cert Hash: SHA256:b16a72a2d36869b7104c6b889967d8b58d119328680242ea5e79ce68da92e41a OCSP URL: http://ocsp.digicert.com ...but smtp(1) reports it as invalid. $ smtp -nv -s smtps://smtp.fastmail.com trying host 66.111.4.139 port 465... validating server certificate... connection error: Invalid server certificate done... Ross
