On 2024/3/25 12:05, Viktor Dukhovni via Postfix-users wrote:
On Mon, Mar 25, 2024 at 12:00:12PM +0800, Cowbay via Postfix-users wrote:
On 2024/3/25 10:55, Viktor Dukhovni via Postfix-users wrote:
I checked posttls-finger on my another container which is Ubuntu
22.04.4, posttls-finger still doesn't support ipv6, weird.
It isn't posttls-finger that does not support "ipv6", but rather your
network stack.
It's still weird because I have ipv6 network stack and I can ping
smtp.gmail.com's ipv6 address. See below:
$ host smtp.gmail.com
smtp.gmail.com has address 173.194.174.108
smtp.gmail.com has IPv6 address 2404:6800:4008:c1b::6c
$ posttls-finger -wc -lsecure -F /etc/ssl/certs/ca-certificates.crt -a ipv6
"[smtp.gmail.com]:465" smtp.gmail.com
posttls-finger: smtp.gmail.com[173.194.174.108]:465: matched peername:
smtp.gmail.com
posttls-finger: smtp.gmail.com[173.194.174.108]:465: subject_CN=smtp.gmail.com,
issuer_CN=GTS CA 1C3,
fingerprint=F7:5F:AA:8D:B5:7A:A7:A4:8A:34:0C:C3:12:18:D8:77:3B:A9:F7:75:E1:EC:76:25:76:79:41:B2:AB:46:34:E1,
pkey_fingerprint=E9:BB:66:2D:A5:7C:05:FD:C4:EE:2D:CD:33:9C:32:6D:F7:99:7E:66:29:1F:F0:A4:5E:42:05:57:32:10:7C:96
posttls-finger: Verified TLS connection established to
smtp.gmail.com[173.194.174.108]:465: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384
(256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)
server-digest SHA256
The "-a" option is a "preference", but perhaps you have separately
disabled IPv6 via "inet_protocols = ipv4" in main.cf?
Yes, you are right, THANKS. ^_^
While my "inet_protocols = ipv4" in main.cf both "-a ipv6" and "[ipv6:address]"
always no ipv6 function.
When "inet_protocols = all", posttls-finger works fine with ipv6.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
