Recent update reveals broken qpsmtpd SSL setup

Issue #144 closed
Alex created an issue

I updated recently to a new version and discovered the SMTP setup was using self-signed certificate (I was using Lets Encrypt). However, everything else was using the proper certificate. Even after reissuance, it was still not fixed. Turns out the real certificates that are being used by qpsmtpd are located in /opt/qpsmtpd/ssl, not in /etc/qpsmtpd/ssl. Maybe this should be fixed in the next versions?

Comments (3)

  1. RE

    Looks like this may have been fixed? I see the certs in /etc/qpsmtpd -> /opt/qpsmtpd/config /ssl.

    There’s a slight problem, still, though; it looks like the intermediate certs might be missing from the setup? Certs created using the web interface.

    $ openssl s_client -starttls imap -connect <your host>
    :
    depth=1 /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
    verify error:num=20:unable to get local issuer certificate
    verify return:0
    
  2. SH repo owner

    I have:

    #!
    
    CONNECTED(00000003)
    depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
    verify return:1
    depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
    verify return:1
    depth=0 CN = mail.poste.io
    verify return:1
    ....
    

    Do you have problem with other sites also?

  3. Log in to comment