Hello, On Thu, 27 Dec 2012, Carlos E. R. wrote:
I see this warning while I fetch email:
<2.3> 2012-12-27 13:10:28 minas-tirith fetchmail 9789 - - Server CommonName mismatch: pop.dominioabsoluto.net != correo.coitt.es <2.3> 2012-12-27 13:10:28 minas-tirith fetchmail 9789 - - Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)
I've been asking myself that same question for years now. Not sure what version's manpage I've looked at and what I tried (unsuccessfully), but these look promising: ==== man fetchmail (fetchmail-6.3.21 / oS 12.1) ==== --sslcommonname <common name> (Keyword: sslcommonname; since v6.3.9) [..] ALTERNATE AUTHENTICATION FORMS [..] Secure Socket Layers (SSL) and Transport Layer Security (TLS) [..] The certificate is checked to verify that the common name in the cer- tificate matches the name of the server being contacted and that the effective and expiration dates in the certificate indicate that it is currently valid. If any of these checks fail, a warning message is printed, but the connection continues. ==== So, according to documentation (and probably due to popular demand ;) the addition of the new keyword/option and value sslcommonname pop.dominioabsoluto.net to the relevant server section of your fetchmailrc should help. [in my case, the cert is self-signed, with a different CN and expired, haven't gotten round to find out how to generate a fitting cert with plesk yet ... *gah*] -dnh -- New, from IKEA: DARCKENSE, the chair. Available in white only. All-natural materials! -- Niklas Karlsson -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org