Fixed it. Apparently --no-verify-ssl only deals with the hostname on the certificate.
I added the following to the 'use' section at the top of rt-mailgate: use IO::Socket::SSL; and then in the get_useragent function, I added the following ssl_opts line: $ua->ssl_opts( SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE ); Now my legitimately signed wildcard cert (*.mydomain.tld) doesn't error out because of a bad hostname, or an untrusted cert in the middle of the chain. -A On Wed, Apr 29, 2015 at 9:01 PM, Aaron C. de Bruyn <aa...@heyaaron.com> wrote: > Mailgate has been driving me nuts. I downloaded 4.2.10 and set it up > on a bright, shiny new server. > > I'm running fetchmail on my RT box using the following to send tickets to RT: > > poll mail.mydomain.tld with protocol pop3 > username engineering password -redacted- mda > "/opt/rt4/bin/rt-mailgate --no-verify-ssl --queue engineering --action > correspond --url https://tickets.mydomain.tld --debug" > > Fetchmail complains about the MDA erroring out. Increasing fetchmail > debugging shows: > > fetchmail: about to deliver with: /opt/rt4/bin/rt-mailgate > --no-verify-ssl --queue engineering --action correspond --url > https://tickets.mydomain.tld/ --debug > #***/opt/rt4/bin/rt-mailgate: temp file is '/tmp/Ax6Or2dgc1/23FBulXCfc' > /opt/rt4/bin/rt-mailgate: connecting to > https://tickets.mydomain.tld//REST/1.0/NoAuth/mail-gateway > HTTP request failed: 500 Can't connect to tickets.mydomain.tld:443 > (certificate verify failed). Your webserver logs may have more > information or there may be a network problem. > > /opt/rt4/bin/rt-mailgate: undefined server error > fetchmail: MDA returned nonzero status 75 > not flushed > fetchmail: POP3> QUIT > > > I even get an SSL error when running from the command line: > > root@tickets:/opt# /opt/rt4/bin/rt-mailgate --no-verify-ssl --queue > engineering --action correspond --url https://tickets.mydomain.tld/ > --debug > test <ctrl+d> > /opt/rt4/bin/rt-mailgate: temp file is '/tmp/9vlYhx9C9X/kI4IQo0RRw' > /opt/rt4/bin/rt-mailgate: connecting to > https://tickets.mydomain.tld//REST/1.0/NoAuth/mail-gateway > HTTP request failed: 500 Can't connect to tickets.mydomain.tld:443 > (certificate verify failed). Your webserver logs may have more > information or there may be a network problem. > > /opt/rt4/bin/rt-mailgate: undefined server error > root@tickets:/opt# > > It's acting like it's ignoring --no-verify-ssl. > > Am I missing something? > > Thanks, > > -A