On 3/15/22 19:16, Thomas Bohl wrote:
>
>>> IIUC the client server needs the CA Certificate that was used to
>>> generate the SMTP-server Certificate in its /etc/ssl/cert.pem (on
>>> OpenBSD).
>>
>> Thanks. I did try this but it's still not working out.
>>
>
>> Download the server certificate and
IIUC the client server needs the CA Certificate that was used to
generate the SMTP-server Certificate in its /etc/ssl/cert.pem (on
OpenBSD).
Thanks. I did try this but it's still not working out.
Download the server certificate and append it to our /etc/ssl/certs.pem
client# scp
On Tue, Mar 15, 2022 at 05:11:14PM +0100, Marcus MERIGHI wrote:
>Hello,
>
>rea...@catastrophe.net (rea...@catastrophe.net), 2022.03.15 (Tue) 00:27 (CET):
>> On Tue, Mar 15, 2022 at 09:40:34AM +1100, Dipesh Sharma wrote:
>> >Did you try the 'tls no-verify' option described here:
>>
Hello,
rea...@catastrophe.net (rea...@catastrophe.net), 2022.03.15 (Tue) 00:27 (CET):
> On Tue, Mar 15, 2022 at 09:40:34AM +1100, Dipesh Sharma wrote:
> >Did you try the 'tls no-verify' option described here:
> >https://man.openbsd.org/smtpd.conf#tls ? If you are sure that some host
> >under
On Tue, Mar 15, 2022 at 09:40:34AM +1100, Dipesh Sharma wrote:
>Did you try the 'tls no-verify' option described here:
>https://man.openbsd.org/smtpd.conf#tls ? If you are sure that some host
>under example.com is talking to the correct mail.example.com host, it is OK
>to skip the certificate
Did you try the 'tls no-verify' option described here:
https://man.openbsd.org/smtpd.conf#tls ? If you are sure that some host
under example.com is talking to the correct mail.example.com host, it is OK
to skip the certificate verification.
Thanks,
Dipesh
On Tue, Mar 15, 2022 at 7:18 AM
A private CA has issued server certs to mail.example.org. However, when
smtpd from another server in the example.org domain connects to
mail.example.org, TLS validation fails and the message exchange falls back
to smtp+notls
Is there way to add a cert chain somewhere that smtpd will do a chain