Cool - that's what I get
But what do you get with 'openssl s_client -starttls smtp -connect
mail.peregrineit.net:587' - cause I get :
depth=0 CN=peregrineit.net
verify error:num=10:certificate has expired
notAfter=Apr 10 07:36:42 2025 GMT
I'll post in a few hours
On 14/5/25 01:20, Viktor Dukhovni via Postfix-users wrote:
On Tue, May 13, 2025 at 05:07:04PM +0200, Matus UHLAR - fantomas via
Postfix-users wrote:
any reverse proxy between you and server?
no multiple postfix instances used?
Let's not encourage further pointless waste of time.
The OP needs to post:
$ postconf -nf
$ postconf -Mf
and some evidence that outdated certificates are vended that differ from
what's believed to be configured. I see:
$ posttls-finger -cC "[mail.peregrineit.net]:587" | openssl x509 -noout
-subject -dates
subject=CN=peregrineit.net
notBefore=Apr 4 05:28:03 2025 GMT
notAfter=Jul 3 05:28:02 2025 GMT
$ posttls-finger -cC "[mail.peregrineit.net]:25" | openssl x509 -noout
-subject -dates
subject=CN=peregrineit.net
notBefore=Apr 4 05:28:03 2025 GMT
notAfter=Jul 3 05:28:02 2025 GMT
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
