9.706-9 EXIM: SSL verify error: depth=0 error=unable to get local issuer certificate cert=/CN

Hi,

after the update i got this  error mesage with my alpha (Globalsgin ) Wildcard SSL Certificate.

2021:05:14-21:30:56 hostname exim-out[32409]: 2021-05-14 21:30:56 1lhdWS-0008QT-JQ [0.0.0.0] SSL verify error: depth=0 error=unable to get local issuer certificate cert=/CN=*.mydomain.de
2021:05:14-21:30:56 hostname exim-out[32409]: 2021-05-14 21:30:56 1lhdWS-0008QT-JQ [0.0.0.0] SSL verify error: depth=0 error=unable to verify the first certificate cert=/CN=*.mydomain.de
any hints ?


none
[bearbeitet von: WolfgangS um 7:42 PM (GMT -7) am 14 May 2021]

Top Replies

  • Hi ,

    This message is caused by the tls_verify_certificate feature in Exim. If Exim fails to verify the certificate provided by the remote mail server, it’ll log this message. However, this does…

Parents
  • same here, we are using newest firmware --> 9.706-9 (update from 9.705-3) and we have in smtp logs follwing errors now:

    Errors with external smtp mailservers:

    1: SSL verify error: depth=1 error=unable to get local issuer certificate cert=/C=US/O=Google Trust Services/CN=GTS CA 1O1

    or 2: SSL verify error: depth=1 error=unable to get local issuer certificate cert=/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
    ------------------------------------------------------------------------------------
    and also with our internal mailserver certificate (its a certificate from a public cert company --> Sectigo (Comodo):
    SSL verify error: depth=0 error=unable to get local issuer certificate cert=/CN=SRVEX2019
    Mailflow still works, but sophos need to solve this problem....
     
  • Bug: verification of wildcard certificates fails: 

    SSL verify error (during R-verify for [XX.XX.X.XXX]): certificate name mismatch: DN="/CN=*.DOMAIN.COM" H="XX.XX.X.XXX"

Reply Children
No Data