Home > Fedora 19, Fedora Project, Integrity, Security > MTA certificate not verifying in Fedora 19

MTA certificate not verifying in Fedora 19


Since upgrading to Fedora 19 I’ve been working out the kinks.  Today I was finally able to run one of my problems down and fix it.  It involved the failure of my MTA to deliver mail due to a TLS failure.

This failure was working against both postfix and ssmtp.  After much log searching I was able to determine that ssmtp wasn’t verifying the public certificate of the distance SMTP server against the CA certificates I have on my system.  I was able to confirm that the problem existed on other Fedora 19 systems and that it wasn’t just my crazy setup.  After working with a couple of developers it seems that the ssmtp configuration file now requires the entry “TLS_CA_File=/etc/pki/tls/certs/ca-bundle.crt” to function correctly.  It is not currently known what changes were made that created this problem.

I have not troubleshot postfix as of yet but I suspect a similar solution will be needed.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s