David C. Rankin wrote:
On 6/8/22 03:18, Carlos E. R. wrote:
Curio: my mail provider SMTP server used a self-signed certificate with the "example" text fields of whatever Linux implementation they used (my guess). I could see, for many moons (years), the "example" text, "do not use for production" in my smtp logs when sending email:-D
Most mail client just what to know whether ssl/tls is available and don't check the actual content of the certificate. Most ignore the content for SMTP (sending) purposes.
Yep. In this context, the encrypted transmission is the main thing, the identity of the receiver less so.
The irony is that you can set your receiving up in IOS with a self-signed certificate, (IOS will accept that it is self-signed) but when that certificate is replaced (due to the 1 year expiry, etc..)
When you're using self-signed, you could always set expiry in 10 ot 20 years. For our BMC's, we also use self-signed, with 10 year expiry. -- Per Jessen, Zürich (16.9°C) http://www.cloudsuisse.com/ - your owncloud, hosted in Switzerland.