search for: subjectalternativenames

...: Option unknown option -trace *** x509: Unknown parameter text On 5/25/20 11:49 AM, Aki Tuomi wrote: > Hi! > > Can you do > > openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem > > and check these things: > > your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see this by looking for 1.3.6.1.5.5.7.1.24 > > Also, can you provide output of > > openssl s_client -connect host:993 -trace > > Aki > >> On 25/05/2020 18:46 hanasaki at gmail.com <hanasaki at gmail.c...

Hello Aki and all, The below lines are in the dovecot config file. This seems to be the same as Aki's suggestion. correct? I have also double checked file perms, tried with several new key gens, several versions of thunderbird and created completely new thunderbird profiles. Thank you, ssl_cert = </etc/letsencrypt/live/...../fullchain.pem ssl_key =

Hi! Can you do openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem and check these things: your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see this by looking for 1.3.6.1.5.5.7.1.24 Also, can you provide output of openssl s_client -connect host:993 -trace Aki > On 25/05/2020 18:46 hanasaki at gmail.com <hanasaki at gmail.com> wrote: > > > Hello A...

...ext > > > On 5/25/20 11:49 AM, Aki Tuomi wrote: > > Hi! > > > > Can you do > > > > openssl x509 text -noout </etc/letsencrypt/live/...../fullchain.pem > > > > and check these things: > > > > your server hostname isn included in SubjectAlternativeNames, and that the cert hasn't got MUST-STAPLE attribute? You can see this by looking for 1.3.6.1.5.5.7.1.24 > > > > Also, can you provide output of > > > > openssl s_client -connect host:993 -trace > > > > Aki > > > >> On 25/05/2020 18:46 hanas...