What problem are you seeing? It uses the correct SSL certs when I
connect.
prompt> gnutls-cli --port 993 mail.nimmini.de
Processed 149 CA certificate(s).
Resolving 'mail.nimmini.de:993'...
Connecting to '46.38.231.143:993'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=nimmini.de', issuer `CN=Let's Encrypt Authority X3,O=Let's
Encrypt,C=US', serial 0x049c7758b8b9555ffdfe5b701b28c1e0a3c6, RSA key 2048
bits, signed using RSA-SHA256, activated `2018-12-26 21:37:59 UTC', expires
`2019-03-26 21:37:59 UTC',
pin-sha256="0G1iyw4AAayWktCk3M9gauB01s4guqgidOQotb1u49I="
Public Key ID:
sha1:e03d4c14e735791a4a0924057676bee73b5e199f
sha256:d06d62cb0e0001ac9692d0a4dccf606ae074d6ce20baa82274e428b5bd6ee3d2
Public Key PIN:
pin-sha256:0G1iyw4AAayWktCk3M9gauB01s4guqgidOQotb1u49I=
- Certificate[1] info:
- subject `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US', issuer `CN=DST
Root CA X3,O=Digital Signature Trust Co.', serial
0x0a0141420000015385736a0b85eca708, RSA key 2048 bits, signed using RSA-SHA256,
activated `2016-03-17 16:40:46 UTC', expires `2021-03-17 16:40:46 UTC',
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
- Status: The certificate is trusted.
- Description: (TLS1.2)-(ECDHE-SECP384R1)-(RSA-SHA256)-(AES-256-GCM)
- Session ID:
0B:1D:9F:A2:73:92:FA:E7:02:08:98:49:14:A6:69:1B:2D:D4:30:F0:62:A9:AF:B2:4C:B7:79:94:CF:3E:41:A2
- Options: safe renegotiation,
- Handshake was completed
- Simple Client Mode:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready.
. logout
- Peer has closed the GnuTLS connection
prompt> gnutls-cli --port 993 mail.bitcorner.de
Processed 149 CA certificate(s).
Resolving 'mail.bitcorner.de:993'...
Connecting to '37.120.166.21:993'...
- Certificate type: X.509
- Got a certificate list of 2 certificates.
- Certificate[0] info:
- subject `CN=bitcorner.de', issuer `CN=Let's Encrypt Authority X3,O=Let's
Encrypt,C=US', serial 0x046f144c168497bce339d1dc4abab194139f, RSA key 2048
bits, signed using RSA-SHA256, activated `2018-12-26 20:46:48 UTC', expires
`2019-03-26 20:46:48 UTC',
pin-sha256="wZrqFPu/9op8PgqIkm0oK5VoNDPfOzWkX45rNf9IIHk="
Public Key ID:
sha1:5d5172ccea888d3340a158eff2c2cb3cb4ccac23
sha256:c19aea14fbbff68a7c3e0a88926d282b95683433df3b35a45f8e6b35ff482079
Public Key PIN:
pin-sha256:wZrqFPu/9op8PgqIkm0oK5VoNDPfOzWkX45rNf9IIHk=
- Certificate[1] info:
- subject `CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US', issuer `CN=DST
Root CA X3,O=Digital Signature Trust Co.', serial
0x0a0141420000015385736a0b85eca708, RSA key 2048 bits, signed using RSA-SHA256,
activated `2016-03-17 16:40:46 UTC', expires `2021-03-17 16:40:46 UTC',
pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="
- Status: The certificate is trusted.
- Description: (TLS1.2)-(ECDHE-SECP384R1)-(RSA-SHA256)-(AES-256-GCM)
- Session ID:
B4:69:62:88:14:52:1A:54:A5:E9:42:F1:7A:4D:3D:EB:4E:90:D0:07:28:1B:2F:16:A1:BE:45:2C:B6:68:AE:1E
- Options: safe renegotiation,
- Handshake was completed
- Simple Client Mode:
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE
AUTH=PLAIN AUTH=CRAM-MD5] Dovecot ready.
. logout
- Peer has closed the GnuTLS connection
--
Greg
signature.asc
Description: This is a digitally signed message part
