On Tue, May 13, 2014 at 01:31:09PM +, Viktor Dukhovni wrote:
>
> The logging is misleading, it should say "Anonymous" rather than
> "untrusted". This is fixed in 2.11.1 and 2.12 snapshots.
>
> If you want authentication of this destination, you need to use a
> security level that demands aut
On Tue, May 13, 2014 at 9:31 AM, Viktor Dukhovni
wrote:
> The logging is misleading, it should say "Anonymous" rather than
> "untrusted". This is fixed in 2.11.1 and 2.12 snapshots.
I'm glad of that. That confused the heck out of me, too.
On Tue, May 13, 2014 at 02:04:19PM +0200, Simon Effenberg wrote:
> May 13 13:58:10 mail postfix/smtp[12904]: Untrusted TLS connection
> established to my.mailserver.de[123.12.12.1]:25: TLSv1.2 with cipher
> AECDH-AES256-SHA (256/256 bits)
The connection is actually "Anonymous" as evidenced by
On Tue, May 13, 2014 at 02:11:34PM +0200, li...@rhsoft.net wrote:
> > And like I said.. it looks well from the openssl command and from
> > Chromium if I use the certificate inside an Apache2.. but postfix is
> > complaining and it is not telling me anything special what the issue is.
>
> the CA o
Am 13.05.2014 14:04, schrieb Simon Effenberg:
> On Tue, May 13, 2014 at 01:12:07PM +0200, li...@rhsoft.net wrote:
>>> I know that untrusted means that the identity has not been verified. But
>>> it _should_ (that's why I'm confused). So DANE may be implemented in the
>>> future but for now it shou
On Tue, May 13, 2014 at 01:12:07PM +0200, li...@rhsoft.net wrote:
> > I know that untrusted means that the identity has not been verified. But
> > it _should_ (that's why I'm confused). So DANE may be implemented in the
> > future but for now it should work already. So any other ideas?
>
> *who* i
Am 13.05.2014 13:06, schrieb Simon Effenberg:
> On Tue, May 13, 2014 at 10:50:32AM +0200, Patrick Ben Koetter wrote:
>> * Simon Effenberg :
>>> Hi @list,
>>>
>>> I have an issue with my SSL certificate. When I send a mail from another
>>> postfix to the one with the installed certificate it is com
On Tue, May 13, 2014 at 10:50:32AM +0200, Patrick Ben Koetter wrote:
> * Simon Effenberg :
> > Hi @list,
> >
> > I have an issue with my SSL certificate. When I send a mail from another
> > postfix to the one with the installed certificate it is complaining
> > about an Untrusted TLS connection. T
* Simon Effenberg :
> Hi @list,
>
> I have an issue with my SSL certificate. When I send a mail from another
> postfix to the one with the installed certificate it is complaining
> about an Untrusted TLS connection. The certificate uses SAN and is
> signed. OpenSSL tells me that everything is fine
