On Thu, Jan 24, 2019 at 11:34:39PM -0700, phoenixsagar wrote:
> Issue : postfix is marking unexpired certificates as expired randomly for
> these certificate chains.
Postfix does not contain any code for verifying certificate expiration,
that's done by OpenSSL. OpenSSL has not history of the
Hi Viktor,
These wire pcap is taken at same time when issue occurred.
Above mentioned certificates are same certificates for which postfix is
marking expired. For this chain only issue occurred and after some time
marked as valid.
Issue : postfix is marking unexpired certificates as expired
On 24 Jan 2019, at 21:00, Peter wrote:
> On 21/01/19 23:43, phoenixsagar wrote:
>> notAfter: utcTime (0)
>> utcTime: 20-05-18 22:06:55 (UTC)
> ...
>> notAfter: utcTime (0)
>>
On 21/01/19 23:43, phoenixsagar wrote:
notAfter: utcTime (0)
utcTime: 20-05-18 22:06:55 (UTC)
...
notAfter: utcTime (0)
utcTime: 25-09-04 00:00:00 (UTC)
Those both look
On Mon, Jan 21, 2019 at 11:06:31PM -0700, phoenixsagar wrote:
> See the posted certificates from wire.
> I am not getting why this is random behaviour. At some time only certificate
> marked as expired and after some time same certificate gets marked as valid.
Perhaps you're reaching different
Hi viktor,
See the posted certificates from wire.
I am not getting why this is random behaviour. At some time only certificate
marked as expired and after some time same certificate gets marked as valid.
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
Thanks viktor. All Certificates are valid for these
certificates Im getting above logs. Is there any issue due to missing root
CA certificate as client has not received any root CA certificate(Subject
and issuer different in all certificates) in capture ? Correct me If am
wrong I can only see End
> On Jan 21, 2019, at 2:40 AM, phoenixsagar wrote:
>
> Logs are like :
> postfix/backend/smtp[95117]: CA certificate verification failed for
> abc-abc.mail.abc.outlook.com[111.111.111.111]:25: certificate has expired
The key context here is "CA certificate verification". The expired
Just updated Logs
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
On Mon, Jan 21, 2019 at 12:40:52AM -0700, phoenixsagar wrote:
> Logs are like :
> postfix/backend/smtp[95117]: CA certificate verification failed for
> abc-abc.mail.abc.outlook.com[111.111.111.111]:25: certificate has expired
> postfix/backend/smtp[95117]: Untrusted TLS connection established to
Randomly postfix is marking this as expired certificate and after some time
marking certificate as valid.
I have verified that certificate is not expired by taking pcap. Let me know
if is there any known defect in postfix of this sort ?
certificate details :
11 matches
Mail list logo
