On 2024/3/20 22:25, Cowbay via Postfix-users wrote:
Below is openssl example:
8<8<8<
$ openssl s_client -4 -connect smtp.gmail.com:465 -CAfile
/etc/ssl/certs/ca-certificates.crt
CONNECTED(0003)
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
v
On Wed, Mar 20, 2024 at 10:25:26PM +0800, Cowbay via Postfix-users wrote:
> I'm using debian 10, an old debian distribution. The Postfix version is
> 3.4.23.
The base 4.0 release is ~5 years old, but not materially different in
its core TLS functionality. You'd see the same results with the late
Unleess you can hand over the certificate that Postfix complained
about, you have not proven that Postfix was in error.
Specifically, yout tests with curl and openssl s_client may have
used a different IP address than Postfix, because the smtp.gmail.com
IP address changes frequently.
The smtp.gm
