Dovecot serving incorrect certificate
Hello all,
I have a Dovecot (v2.3.10.1) + Postfix (v3.5.3) both cfg; d to use TLS however each using different certificates. In addition, I have cfg’d a DNS CNAME that points to the server A record. For example,
mail.example.com (A) —> 1.2.3.4 alias.example.con (CNAME) —> mail.example.com
When setting up a new account in Apple Mail, if I specify the server name as the “Host Name” (i.e. mil server), the cert that is cfg’d in Dovecot is received and everything works fine. However, if I instead use the alias CNAME as the “Host Name”, then the cert for Postfix is sent to the client. This causes issues because I do not have the CNAME in the SAN of the Postfix certificate.
I doubt this is a bug because I have to think others have employed a similar configuration so I must be missing something here — any thoughts?
Thanks in advance...
Issued resolved...
Someone had actually copied the cert from the PF server to the DV cert location as well but renamed it to the same name that we had before. So when looking at the config, everything appeared proper but after Christian’s message, I decided to go and actually check the cert contents…it had been changed…
Thanks to Christian and darkc0de and sorry for the false alarm...and now need to go have a discussion with someone…
participants (2)
-
Antonio Leding
-
Christian Kivalo