On 13/03/24 22:30, Stuart Henderson wrote:
I test with this: openssl s_client -connect mail.domain.com:993 -crlf -quie=
t
That's not a valid test. openssl >=1.1.1 s_client uses SNI by default,
with libressl or older openssl you need to use -servername.
Indeed, you want: openssl s_client -conn
On 2024-03-12, steffan--- via dovecot wrote:
> I have an old CentOS 7 server using dovecot 2.2.36 and OpenSSL 1.0.2k-fips=
> that=92s been fine for quite some time. Recently I started getting complai=
> nts related to SNI.
>
> I test with this: openssl s_client -connect mail.domain.com:993 -crlf
> On 12/03/2024 22:54 EET steffan--- via dovecot wrote:
>
>
> I have an old CentOS 7 server using dovecot 2.2.36 and OpenSSL 1.0.2k-fips
> that’s been fine for quite some time. Recently I started getting complaints
> related to SNI.
>
> I test with this: openssl s_client -connect mail.doma
