On Fri, Feb 26, 2021 at 12:36:43PM +0100, Zsolt Barat wrote:
Hi there,
excuse me, if I' m asking at the wrong place.
Apparently there is a bug in current Fetchmail (6.3.26-lp152.5.8) installed with openSUSE-Leap-15.2-1, which causes TLS to fail especially with Gmail servers:
fetchmail: Server CommonName mismatch: invalid2.invalid != pop.gmail.com fetchmail: Server certificate verification error: self signed certificate fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix your client./CN=invalid2.invalid
As reported elsewhere: https://bugs.archlinux.org/task/60038 <https://bugs.archlinux.org/task/60038> https://bugs.gentoo.org/697030 <https://bugs.gentoo.org/697030>
There is patch from RedHat which could be applied on fetchmail-6.3.26: https://bugzilla.redhat.com/show_bug.cgi?id=1611815
Other (better?) "fix" would be to bump fetchmail to 6.4.x where this issue is resolved? I could provide a complete bug report if needed.
You probably see what this is missing from above urls. A SUSE bugreport. Can you open one? Its likely a 1 liner fix in the end. Ciao, Marcus