Re: Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-12 Thread Oscar del Rio
On 2021-04-10 12:09 p.m., Brady Shea wrote: I finally 'fixed' it myself by using the LE 'fullchain.pem' certificate as the location for the 'ssl_cert' entry (and chain.pem for the ca entry). Previously, it was using the normal cert.pem file location. This is still the way it's setup on the

Re: Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread Juri Haberland
On 11/04/2021 01:04, @lbutlr wrote: > On 10 Apr 2021, at 12:57, Juri Haberland wrote: >> On 10/04/2021 19:52, @lbutlr wrote: >>> On 10 Apr 2021, at 09:55, B Shea wrote: OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 >>> >>> There have been a few critical patches to open SSL in

Re: Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread @lbutlr
On 10 Apr 2021, at 12:57, Juri Haberland wrote: > On 10/04/2021 19:52, @lbutlr wrote: >> On 10 Apr 2021, at 09:55, B Shea wrote: >>> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 >> >> There have been a few critical patches to open SSL in the last year, >> including a very

Re: Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread Juri Haberland
On 10/04/2021 19:52, @lbutlr wrote: > On 10 Apr 2021, at 09:55, B Shea wrote: >> OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 > > There have been a few critical patches to open SSL in the last year, > including a very important one to 1.1.1k just recently. > > Not to do with

Re: Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread @lbutlr
On 10 Apr 2021, at 09:55, B Shea wrote: > OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 There have been a few critical patches to open SSL in the last year, including a very important one to 1.1.1k just recently. Not to do with your issue, but I suspect updating both openssl and

Re: Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread Aki Tuomi
> On 10/04/2021 19:09 Brady Shea wrote: > > > OS: Ubuntu 20.04.2 (on mutli-core VM) > Dovecot (Ubuntu default/repo version): 2.3.7.2 (3c910f64b) > OpenSSL (Ubuntu default/repo version): 1.1.1f 31 Mar 2020 > > Reproducing- > > Run: "openssl s_client -showcerts -connect

Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread Brady Shea
OS: Ubuntu 20.04.2 (on mutli-core VM) Dovecot (Ubuntu default/repo version):  2.3.7.2 (3c910f64b) OpenSSL (Ubuntu default/repo version):  1.1.1f  31 Mar 2020 Reproducing- Run:  "openssl s_client -showcerts -connect imap.example.com:993 -servername imap.example.com" (using a diff domain

Letsencrypt/OpenSSL test - Verify return code: 21

2021-04-10 Thread B Shea
OS: Ubuntu 20.04.2 (on mutli-core VM) Dovecot (Ubuntu default/repo version):  2.3.7.2 (3c910f64b) OpenSSL (Ubuntu default/repo version):  1.1.1f  31 Mar 2020 Reproducing- Run:  "openssl s_client -showcerts -connect imap.example.com:993 -servername imap.example.com" (using a diff domain