Alexander Leidinger via Postfix-users:
> What is wrong here that [tlsproxy] doesn't establish a trusted connection
> to the github mailservers when posttls-finger is able to do that with
> the same cert store?
Because there are differences between tlsproxy and posttls-finger.
1) Different executable files may be subject to different SeLinux,
AppArmor etc. policies.
2) Different privileges: tlsproxy runs as the "postfix" user,
posttls-finger as "root".
3) Different certificate stores, when tlsproxy may runs chrooted,
and posttls-finger does not.
Wietse
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
