[BlueOnyx:26511] Re: Strange SSL error
Rodrigo Ordoñez Licona
rordonez at xnet.com.mx
Sat Sep 23 17:41:45 -05 2023
Hi,
We are still ahving this problem on a newly yummed 5211, Server offer the
BX.Host certificate instead of the domain when using
outlook with pops and smtps ,
Certificate is letsencrypt
Do I have to install an specific package to receive the correction, The
domain only has 1 alias.
Regards
Rodrigo o
Xnet
-----Mensaje original-----
De: Blueonyx <blueonyx-bounces at mail.blueonyx.it> En nombre de Michael
Stauber via Blueonyx
Enviado el: lunes, 18 de septiembre de 2023 06:09 p. m.
Para: Colin Jack <colin at mainline.co.uk>; BlueOnyx General Mailing List
<blueonyx at mail.blueonyx.it>
Asunto: [BlueOnyx:26486] Re: Strange SSL error
Hi Colin,
> Unfortunately that hasn't fixed it.
> I set up a test and still get a problem.
>
> The vsite in question has the main host FQDN with 3 aliases:
>
> So vsite is for example mail.domain.com Also aliases smtp.domain.com,
> pop.domain.com
>
> If the email client settings use incoming server as mail.domain.com all
works fine.
> If the email client uses either of the aliases it fails - returning
> the BX host cert. :-/
Indeed. I just replicated that setup on a test box and did some testing.
The revised code from last weekend indeed wasn't catching all "DNS:"
entries from the parsed SSL cert. If that line had three entries, it caught
the first and last entry and ignored the middle one.
I just published new base-email-* RPMs for BlueOnyx 5210R and 5211R which
fix this issue.
Please do another "yum clean all" and "yum update" to get these updates.
That will then also automatically restart CCEd, which will then fix the SNI
cert configs for both Dovecot and Postfix.
Sorry about that.
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list