> On 12/03/2024 22:54 EET steffan--- via dovecot <dovecot@dovecot.org> wrote: > > > I have an old CentOS 7 server using dovecot 2.2.36 and OpenSSL 1.0.2k-fips > that’s been fine for quite some time. Recently I started getting complaints > related to SNI. > > I test with this: openssl s_client -connect mail.domain.com:993 -crlf -quiet > > On macOS using OpenSSL LibreSSL 3.3.6 I test and get the default dovecot > domain “SomeWrongDomain.com” which causes issues. > > On Oracle Linux 9 using OpenSSL 3.0.7 I get the correct response for the > domain “mail.domain.com” > > What could cause this? > > > Thank you, > Steffan Cline > stef...@hldns.com<mailto:stef...@hldns.com> > 602-793-0014 > > > I have an old CentOS 7 server using dovecot 2.2.36 and OpenSSL 1.0.2k-fips > that’s been fine for quite some time. Recently I started getting complaints > related to SNI. > > I test with this: openssl s_client -connect mail.domain.com:993 -crlf -quiet > > On macOS using OpenSSL LibreSSL 3.3.6 I test and get the default dovecot > domain > “SomeWrongDomain.com” which causes issues. > > On Oracle Linux 9 using OpenSSL 3.0.7 I get the correct response for the > domain > “mail.domain.com” > > What could cause this? > > > Thank you, > Steffan Cline > stef...@hldns.com > 602-793-0014
One reason could be that Dovecot 2.3 does not support openssl3, and there is a broken patch flying around. We are close to releasing our next major release, which does include support for ossl3. We can't really debug issues likely caused by 3rd party patch. Try with RHEL8 or compatible, we have packages for that as well. Aki _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
