On 2024-03-12, steffan--- via dovecot <dovecot@dovecot.org> wrote: > I have an old CentOS 7 server using dovecot 2.2.36 and OpenSSL 1.0.2k-fips= > that=92s been fine for quite some time. Recently I started getting complai= > nts related to SNI. > > I test with this: openssl s_client -connect mail.domain.com:993 -crlf -quie= > t > > On macOS using OpenSSL LibreSSL 3.3.6 I test and get the default dovecot do= > main =93SomeWrongDomain.com=94 which causes issues. > > On Oracle Linux 9 using OpenSSL 3.0.7 I get the correct response for the do= > main =93mail.domain.com=94
That's not a valid test. openssl >=1.1.1 s_client uses SNI by default, with libressl or older openssl you need to use -servername. _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
