On 12 Nov 2021, at 21:22, Bill Cole wrote: >> I just tried to check for an update but received the error "SSL certificate >> problem: certificate has expired", which might explain why I wasn't aware >> there was anything newer. > > [very technical explanation]
Thanks for the details Bill. I'm definitely not an expert on these issues and I kind of just decided to live with it since it only affects “older” macOS releases. > Ideally, the fix is server-side. Servers like updates.mailmate-app.com should > be reconfigured to send only the server certificate and its immediate issuer > cert as the server's trust chain, NOT including the version of "ISRG Root X1" > which is signed by the expired cert. That would break a DIFFERENT subset of > older clients (which don't trust the ISRG root by default) which is probably > why even Let's Encrypt's own servers are still sending the quasi-bogus cert. Let me know (off list) if you think it would be fairly easy to help me change this on my server to avoid this issue :) -- Benny _______________________________________________ mailmate mailing list mailmate@lists.freron.com https://lists.freron.com/listinfo/mailmate
