Meanwhile, I discovered two more things: Postfix can establish a "Verified" SMTP-TLS session with the server, as long as it does not present a client certificate. This suggests that the server certificate can be verified just fine on the client side.
When the client presents a certificate (which is not expired, I checked), however, the server says: postfix/smtpd[4981]: warning: TLS library problem: 4981:error:0D0C50A1:asn1 encoding routines:ASN1_item_verify:unknown message digest algorithm:a_verify.c:141: I have not changed the Postfix configuration on either the client's or the server's side since it worked last. -- .''`. martin f. krafft <[email protected]> Related projects: : :' : proud Debian developer http://debiansystem.info `. `'` http://people.debian.org/~madduck http://vcs-pkg.org `- Debian - when you have better things to do than fixing systems
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)

