Unleess you can hand over the certificate that Postfix complained
about, you have not proven that Postfix was in error.
Specifically, yout tests with curl and openssl s_client may have
used a different IP address than Postfix, because the smtp.gmail.com
IP address changes frequently.
The
On Wed, Mar 20, 2024 at 10:25:26PM +0800, Cowbay via Postfix-users wrote:
> I'm using debian 10, an old debian distribution. The Postfix version is
> 3.4.23.
The base 4.0 release is ~5 years old, but not materially different in
its core TLS functionality. You'd see the same results with the
On 2024/3/20 22:25, Cowbay via Postfix-users wrote:
Below is openssl example:
8<8<8<
$ openssl s_client -4 -connect smtp.gmail.com:465 -CAfile
/etc/ssl/certs/ca-certificates.crt
CONNECTED(0003)
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1