[Bug 233078] mail/fetchmail: fails to check server certificates for lack of SNI supports.

Thu Nov 8 20:05:41 UTC 2018

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=233078

            Bug ID: 233078
           Summary: mail/fetchmail: fails to check server certificates for
                    lack of SNI supports.
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs at FreeBSD.org
          Reporter: fuyuhiko.maruyama at gmail.com
                CC: chalpin at cs.wisc.edu
             Flags: maintainer-feedback?(chalpin at cs.wisc.edu)
                CC: chalpin at cs.wisc.edu

Recently fetchmail shows warnings like below when it accesses to gmail. 

fetchmail: Server certificate verification error: self signed certificate
fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix
your client./CN=invalid2.invalid
fetchmail: This could mean that the root CA's signing certificate is not in the
trusted CA certificate location, or that c_rehash needs to be run on the
certificate directory. For details, please see the documentation of
--sslcertpath and --sslcertfile in the manual page.
fetchmail: Warning: the connection is insecure, continuing anyways. (Better use
--sslcertck!)

The problem is fixed at upper stream on github below.

https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615

-- 
You are receiving this mail because:
You are the assignee for the bug.