> This is a name mismatch: mailgun.org != mailgun.com.
Perhaps it's time for a larger font size :) I will put on my dunce cap and
go sit in the corner. But shame on Mailgun for responding to .com with a
.org certificate!
Lance
--
## List details at
On 18/04/2023 22:39, Evgeniy Berdnikov via Exim-users wrote:
mailgun.org != mailgun.com.
Good eyes!
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list -
On 18/04/2023 22:03, Lance Lovette via Exim-users wrote:
Exim version 4.95
X509v3 Subject Alternative Name:
DNS:*.mailgun.org, DNS:mailgun.org
[34.160.13.42] SSL verify error: certificate name mismatch:
DN="/C=US/ST=Texas/L=San Antonio/O=MAILGUN TECHNOLOGIES,
It appears the cert does have a SAN entry. (34.160.13.42 is an IP for
smtp.mailgun.org.)
$ openssl s_client -starttls smtp -connect 34.160.13.42:587 2>/dev/null
| openssl x509 -noout -text
X509v3 Subject Alternative Name:
DNS:*.mailgun.org, DNS:mailgun.org
I'm running
On Tue, Apr 18, 2023 at 05:03:47PM -0400, Lance Lovette via Exim-users wrote:
> It appears the cert does have a SAN entry. (34.160.13.42 is an IP for
> smtp.mailgun.org.)
>
> $ openssl s_client -starttls smtp -connect 34.160.13.42:587 2>/dev/null
> | openssl x509 -noout -text
>
>
On 18/04/2023 17:45, Jan Ingvoldstad via Exim-users wrote:
17. apr. 2023 kl. 14:44 skrev Sebastian Arcus via Exim-users
:
I couldn't agree more. I am permanently scarred emotionally from installing and
configuring SpamAssassin for the first time - and even after years of working
with
On 18/04/2023 20:08, Lance Lovette via Exim-users wrote:
SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San
Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com"
Check to see if that cert had any SANs.
The current source has the name-check only
I'm getting an SSL verify error for messages delivered through my ESP :
SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San
Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com"
Based on Jeremy's comment in this old bug report, the wildcard CN isn't an
> 17. apr. 2023 kl. 14:44 skrev Sebastian Arcus via Exim-users
> :
>
> I couldn't agree more. I am permanently scarred emotionally from installing
> and configuring SpamAssassin for the first time - and even after years of
> working with it I don't feel like I've managed to tame it :-)