Hi, I upgraded my Ubuntu box from 10.04 to 11.10, i.e. postfix was upgraded from 2.7.0 to 2.8.0.
The local postfix is setup to relay mail to a remote server, including mandatory TLS and certificate verification. The setup worked great with 2.7.0, but after the upgrade I get following errors: certificate verification failed for example.org untrusted issuer /C=DE/ST=NW/O=My CA/CN=Me/email=mys...@example.org [..] status=deferred (Server certificate not trusted) (I did not change the postfix config during the postfix upgrade) My tls related configuration looks like this: smtp_use_tls = yes smtp_tls_security_level = secure smtp_tls_CApath = /etc/postfix/certs smtp_tls_protocols = !SSLv2, !SSLv3 smtp_tls_ciphers = high smtp_tls_exclude_ciphers = aNULL, MD5 smtp_tls_mandatory_protocols = !SSLv2, !SSLv3 smtp_tls_mandatory_ciphers = high smtp_tls_mandatory_exclude_ciphers = aNULL, MD5 The directory /etc/postfix contains the certificate from the relay host (and c_rehash was executed). Was the verification algorithm somehow changed between postfix 2.7.0 and 2.8.0? Best regards Georg
