On Wednesday, 24 January 2024 02:19:29 GMT Walter Dnes wrote:
>   I'm back after several minutes backing up to two USB drives.
> 
> On Tue, Jan 23, 2024 at 09:41:16PM +0000, Michael wrote
> 
> > For SMTP server use:
> > 
> > set smtp_url = "smtp://your_user_n...@www.cotse.net:465"
> 
>   Just one change... change "smtp://" to "smtps://", otherwise mutt
> won't connect...
> 
> set smtp_pass="cotse_password"
> set smtp_url="smtps://cotse_use...@www.cotse.net:465"

Yes, my bad.  The prefix smtps:// is needed to indicate an explicit TLS 
connection.


>   Sending a test message I got a prompt...
> 
> This certificate belongs to:
>    Sectigo RSA Domain Validation Secure Server CA
>    Sectigo Limited
> 
>    Salford  Greater Manchester  GB
> yada, yada, yada

This is the intermediate certificate the server's certificate is signed with:

$ openssl s_client -connect www.cotse.net\:465 -showcerts
CONNECTED(00000003)
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1

depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1

depth=0 CN = www.cotse.net
verify return:1

The "Sectigo RSA Domain Validation Secure Server CA" is an intermediate CA 
certificate and as it happens it is not available in the OS certificate store 
/etc/ssl/certs/ where trusted Root CAs reside.  Theoretically, mutt via gnutls 
should check the issuer of the intermediate certificate which is "USERTrust 
RSA Certification Authority", find this certificate in the OS' store of 
trusted Root CAs and consequently accept as trusted any certificates in the 
chain signed by this Root CA.

I don't know why this doesn't function as I describe above.  Practically it 
seems mutt may need to be directed to accept all certificates in a chain as 
trusted.

http://www.mutt.org/doc/manual/#certificate-file

You could try copying the "USERTrust RSA Certification Authority" in your 
local mutt certificates directory, or copying just the intermediate CA 
certificate "Sectigo RSA Domain Validation Secure Server CA".


>   It asked whether I wanted to (r)eject, accept (o)nce, accept (a)lways
> and I chose always.

Your 'accept (a)lways' command would have stored this certificate in your 
local mutt certificates directory.


>   This post is coming to you via port 587 via fibre and via cotse.net.
> Thank you very much.  I couldn't have done it without your detailed help.

Glad you got it sorted.  :-)

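Added example, not part of the original message: the root/intermediate/server chain logic discussed above, checked with `openssl verify` on a throwaway three-certificate chain generated on the spot. It uses OpenSSL rather than the GnuTLS library mentioned in the thread, all names and file names (Demo Root CA, Demo Intermediate CA, mail.example.test, ca.cnf) are made up, and the third check goes one step beyond the thread by showing what trusting only the intermediate requires.

```shell
#!/bin/sh
# Added example: constructed throwaway chain (hypothetical names), not real certificates.

make_chain() {  # $1 = empty working directory
    d=$1
    cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
EOF
    # Self-signed root: stands in for a root CA held in the OS certificate store.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/ca.cnf" \
        -extensions v3_ca -subj "/CN=Demo Root CA" \
        -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null || return 1
    # Intermediate CA, signed by the root.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
        -subj "/CN=Demo Intermediate CA" \
        -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
        -set_serial 2 -days 1 -extfile "$d/ca.cnf" -extensions v3_ca \
        -out "$d/int.pem" 2>/dev/null || return 1
    # Server (leaf) certificate, signed by the intermediate.
    openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
        -subj "/CN=mail.example.test" \
        -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
        -set_serial 3 -days 1 -out "$d/leaf.pem" 2>/dev/null
}

# Only the root is trusted; the intermediate arrives untrusted, as in a TLS handshake.
verify_root_with_sent_intermediate() {
    openssl verify -no-CApath -CAfile "$1/root.pem" -untrusted "$1/int.pem" \
        "$1/leaf.pem" >/dev/null 2>&1
}
# Only the root is trusted and nothing supplies the intermediate: no path can be built.
verify_root_only() {
    openssl verify -no-CApath -CAfile "$1/root.pem" "$1/leaf.pem" >/dev/null 2>&1
}
# Only the intermediate is trusted (no root): needs partial-chain validation.
verify_intermediate_pinned() {
    openssl verify -no-CApath -partial_chain -CAfile "$1/int.pem" \
        "$1/leaf.pem" >/dev/null 2>&1
}

demo=$(mktemp -d) && make_chain "$demo" || exit 1
for check in verify_root_with_sent_intermediate verify_root_only verify_intermediate_pinned; do
    if "$check" "$demo"; then echo "$check: OK"; else echo "$check: FAILED"; fi
done
rm -rf "$demo"
```

The middle check is the one expected to fail: with only the root trusted and no intermediate supplied, the verifier has nothing linking the server certificate to the root.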