[BlueOnyx:26486] Re: Strange SSL error
Michael Stauber
mstauber at blueonyx.it
Mon Sep 18 19:08:36 -05 2023
Hi Colin,
> Unfortunately that hasn't fixed it.
> I set up a test and still get a problem.
>
> The vsite in question has the main host FQDN with 3 aliases:
>
> So vsite is for example mail.domain.com
> Also aliases smtp.domain.com, pop.domain.com
>
> If the email client settings use incoming server as mail.domain.com all works fine.
> If the email client uses either of the aliases it fails - returning the BX host cert. :-/
Indeed. I just replicated that setup on a test box and did some testing.
The revised code from last weekend indeed wasn't catching all "DNS:"
entries from the parsed SSL cert. If that line had three entries, it
caught the first and last entry and ignored the middle one.
I just published new base-email-* RPMs for BlueOnyx 5210R and 5211R
which fix this issue.
Please do another "yum clean all" and "yum update" to get these updates.
That will then also automatically restart CCEd, which will then fix the
SNI cert configs for both Dovecot and Postfix.
Sorry about that.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list