On 2023-04-20, Jeremy Harris via Exim-users wrote:
> On 20/04/2023 06:18, Jasen Betts via Exim-users wrote:
>> On 2023-04-18, Lance Lovette via Exim-users wrote:
This is a name mismatch: mailgun.org != mailgun.com.
>>>
>>> Perhaps it's time for a larger font size :) I will put on my dunce
> Just using * for those two would have the same effect, and save work.
True. Good advice, thanks!
I put together most of this configuration in 2001 and haven't needed to pay
much attention to it until recently.
Lance
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
##
On Thu, Apr 20, 2023 at 09:26:38AM +0100, Jeremy Harris via Exim-users wrote:
> On 20/04/2023 06:18, Jasen Betts via Exim-users wrote:
> > Their .com is a cname pointing to the .org, so the same host is both
> > .com and .org, but their host isn't using SNI.
>
> This raises the question: should
As a side-note,
On 18/04/2023 20:08, Lance Lovette via Exim-users wrote:
smtp_mailgun:
[...]]
hosts_require_auth = <; $host_address
hosts_require_tls = <; $host_address
Just using * for those two would have the same effect,
and save work.
--
Cheers,
Jeremy
--
## List
On 20/04/2023 06:18, Jasen Betts via Exim-users wrote:
On 2023-04-18, Lance Lovette via Exim-users wrote:
This is a name mismatch: mailgun.org != mailgun.com.
Perhaps it's time for a larger font size :) I will put on my dunce cap and
go sit in the corner. But shame on Mailgun for responding
On 2023-04-18, Lance Lovette via Exim-users wrote:
> I'm getting an SSL verify error for messages delivered through my ESP :
>
> SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San
> Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com"
>
> Based on
On 2023-04-18, Lance Lovette via Exim-users wrote:
>> This is a name mismatch: mailgun.org != mailgun.com.
>
> Perhaps it's time for a larger font size :) I will put on my dunce cap and
> go sit in the corner. But shame on Mailgun for responding to .com with a
> .org certificate!
>
> Lance
Their
> This is a name mismatch: mailgun.org != mailgun.com.
Perhaps it's time for a larger font size :) I will put on my dunce cap and
go sit in the corner. But shame on Mailgun for responding to .com with a
.org certificate!
Lance
--
## List details at
On 18/04/2023 22:39, Evgeniy Berdnikov via Exim-users wrote:
mailgun.org != mailgun.com.
Good eyes!
--
Cheers,
Jeremy
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list -
On 18/04/2023 22:03, Lance Lovette via Exim-users wrote:
Exim version 4.95
X509v3 Subject Alternative Name:
DNS:*.mailgun.org, DNS:mailgun.org
[34.160.13.42] SSL verify error: certificate name mismatch:
DN="/C=US/ST=Texas/L=San Antonio/O=MAILGUN TECHNOLOGIES,
It appears the cert does have a SAN entry. (34.160.13.42 is an IP for
smtp.mailgun.org.)
$ openssl s_client -starttls smtp -connect 34.160.13.42:587 2>/dev/null
| openssl x509 -noout -text
X509v3 Subject Alternative Name:
DNS:*.mailgun.org, DNS:mailgun.org
I'm running
On Tue, Apr 18, 2023 at 05:03:47PM -0400, Lance Lovette via Exim-users wrote:
> It appears the cert does have a SAN entry. (34.160.13.42 is an IP for
> smtp.mailgun.org.)
>
> $ openssl s_client -starttls smtp -connect 34.160.13.42:587 2>/dev/null
> | openssl x509 -noout -text
>
>
On 18/04/2023 20:08, Lance Lovette via Exim-users wrote:
SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San
Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com"
Check to see if that cert had any SANs.
The current source has the name-check only
I'm getting an SSL verify error for messages delivered through my ESP :
SSL verify error: certificate name mismatch: DN="/C=US/ST=Texas/L=San
Antonio/O=MAILGUN TECHNOLOGIES, INC/CN=*.mailgun.org" H="smtp.mailgun.com"
Based on Jeremy's comment in this old bug report, the wildcard CN isn't an
14 matches
Mail list logo