Am 26.02.21 um 13:16 schrieb Marcus Meissner:
On Fri, Feb 26, 2021 at 12:36:43PM +0100, Zsolt Barat wrote:
Hi there,
excuse me, if I' m asking at the wrong place.
Apparently there is a bug in current Fetchmail (6.3.26-lp152.5.8) installed with openSUSE-Leap-15.2-1, which causes TLS to fail especially with Gmail servers:
fetchmail: Server CommonName mismatch: invalid2.invalid != pop.gmail.com fetchmail: Server certificate verification error: self signed certificate fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix your client./CN=invalid2.invalid
As reported elsewhere: https://bugs.archlinux.org/task/60038 <https://bugs.archlinux.org/task/60038> https://bugs.gentoo.org/697030 <https://bugs.gentoo.org/697030>
There is patch from RedHat which could be applied on fetchmail-6.3.26: https://bugzilla.redhat.com/show_bug.cgi?id=1611815
Other (better?) "fix" would be to bump fetchmail to 6.4.x where this issue is resolved? I could provide a complete bug report if needed. You probably see what this is missing from above urls.
A SUSE bugreport.
Can you open one?
OK, I will open a SUSE-bugreport.
Its likely a 1 liner fix in the end.
13 lines according to this patch ;). https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2feb... Best regards Zsolt
Ciao, Marcus
-- Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin https://www.heinlein-support.de Tel: 030 / 40 50 51 - 0 Fax: 030 / 40 50 51 - 19 Amtsgericht Berlin-Charlottenburg - HRB 93818 B Geschäftsführer: Peer Heinlein - Sitz: Berlin