[fetchmail]Re: Bug#201113: fetchmail is missing a check for Subject Alternative Name (TLS cert.)
Matthias Andree
matthias.andree@gmx.de
Wed, 02 Mar 2005 21:46:22 +0100
ms419@freezone.co.uk writes:
> On Feb 19, 2005, at 5:58 AM, Matthias Andree wrote:
>> The proper way to fix this is to complain to the ISP and request that
>> they issue proper SSL certificates.
>
> But I suspect they do use proper SSL certificates
>
> I dunno how to download / extract the certificate to check, but I
> suspect they list "pop3.freezone.co.uk" under "subjectAltName", instead
> of "commonName"
openssl s_client -debug -connect pop3.freezone.co.uk:995
(doesn't work for me, no route to host -> may be firewalled)
> I hope supporting proper SSL certificates in Fetchmail will be easier
> than getting my ISP to support Fetchmail ; )
That depends on where the bug really is.
--
Matthias Andree