subject:"\[exim\] Wildcard CN verify error"

Re: [exim] Wildcard CN verify error

2023-04-20 Thread Jasen Betts via Exim-users

On 2023-04-20, Jeremy Harris via Exim-users wrote: > On 20/04/2023 06:18, Jasen Betts via Exim-users wrote: >> On 2023-04-18, Lance Lovette via Exim-users wrote: This is a name mismatch: mailgun.org != mailgun.com. >>> >>> Perhaps it's time for a larger font size :) I will put on my dunce

Re: [exim] Wildcard CN verify error

2023-04-20 Thread Lance Lovette via Exim-users

> Just using * for those two would have the same effect, and save work. True. Good advice, thanks! I put together most of this configuration in 2001 and haven't needed to pay much attention to it until recently. Lance -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ##

Re: [exim] Wildcard CN verify error

2023-04-20 Thread Evgeniy Berdnikov via Exim-users

On Thu, Apr 20, 2023 at 09:26:38AM +0100, Jeremy Harris via Exim-users wrote: > On 20/04/2023 06:18, Jasen Betts via Exim-users wrote: > > Their .com is a cname pointing to the .org, so the same host is both > > .com and .org, but their host isn't using SNI. > > This raises the question: should

Re: [exim] Wildcard CN verify error

2023-04-20 Thread Jeremy Harris via Exim-users

As a side-note, On 18/04/2023 20:08, Lance Lovette via Exim-users wrote: smtp_mailgun: [...]] hosts_require_auth = <; $host_address hosts_require_tls = <; $host_address Just using * for those two would have the same effect, and save work. -- Cheers, Jeremy -- ## List

Re: [exim] Wildcard CN verify error

2023-04-20 Thread Jeremy Harris via Exim-users

On 20/04/2023 06:18, Jasen Betts via Exim-users wrote: On 2023-04-18, Lance Lovette via Exim-users wrote: This is a name mismatch: mailgun.org != mailgun.com. Perhaps it's time for a larger font size :) I will put on my dunce cap and go sit in the corner. But shame on Mailgun for responding

Re: [exim] Wildcard CN verify error

2023-04-19 Thread Jasen Betts via Exim-users

On 2023-04-18, Lance Lovette via Exim-users wrote: > I'm getting an SSL verify error for messages delivered through my ESP : > > SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San > Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com" > > Based on

Re: [exim] Wildcard CN verify error

2023-04-19 Thread Jasen Betts via Exim-users

On 2023-04-18, Lance Lovette via Exim-users wrote: >> This is a name mismatch: mailgun.org != mailgun.com. > > Perhaps it's time for a larger font size :) I will put on my dunce cap and > go sit in the corner. But shame on Mailgun for responding to .com with a > .org certificate! > > Lance Their

Re: [exim] Wildcard CN verify error

2023-04-18 Thread Lance Lovette via Exim-users

> This is a name mismatch: mailgun.org != mailgun.com. Perhaps it's time for a larger font size :) I will put on my dunce cap and go sit in the corner. But shame on Mailgun for responding to .com with a .org certificate! Lance -- ## List details at

Re: [exim] Wildcard CN verify error

2023-04-18 Thread Jeremy Harris via Exim-users

On 18/04/2023 22:39, Evgeniy Berdnikov via Exim-users wrote: mailgun.org != mailgun.com. Good eyes! -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list -

Re: [exim] Wildcard CN verify error

2023-04-18 Thread Jeremy Harris via Exim-users

On 18/04/2023 22:03, Lance Lovette via Exim-users wrote: Exim version 4.95 X509v3 Subject Alternative Name: DNS:*.mailgun.org, DNS:mailgun.org [34.160.13.42] SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San Antonio/O=MAILGUN TECHNOLOGIES,

Re: [exim] Wildcard CN verify error

2023-04-18 Thread Lance Lovette via Exim-users

It appears the cert does have a SAN entry. (34.160.13.42 is an IP for smtp.mailgun.org.) $ openssl s_client -starttls smtp -connect 34.160.13.42:587 2>/dev/null | openssl x509 -noout -text X509v3 Subject Alternative Name: DNS:*.mailgun.org, DNS:mailgun.org I'm running

Re: [exim] Wildcard CN verify error

2023-04-18 Thread Evgeniy Berdnikov via Exim-users

On Tue, Apr 18, 2023 at 05:03:47PM -0400, Lance Lovette via Exim-users wrote: > It appears the cert does have a SAN entry. (34.160.13.42 is an IP for > smtp.mailgun.org.) > > $ openssl s_client -starttls smtp -connect 34.160.13.42:587 2>/dev/null > | openssl x509 -noout -text > >

Re: [exim] Wildcard CN verify error

2023-04-18 Thread Jeremy Harris via Exim-users

On 18/04/2023 20:08, Lance Lovette via Exim-users wrote: SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com" Check to see if that cert had any SANs. The current source has the name-check only

[exim] Wildcard CN verify error

2023-04-18 Thread Lance Lovette via Exim-users

I'm getting an SSL verify error for messages delivered through my ESP : SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com" Based on Jeremy's comment in this old bug report, the wildcard CN isn't an

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

Re: [exim] Wildcard CN verify error

[exim] Wildcard CN verify error

14 matches

Site Navigation

Mail list logo

Footer information