Issue with CN field in SSL server certs for mail

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • ZYV
    Senior Member
    • Sep 2005
    • 315
    #1

    Issue with CN field in SSL server certs for mail

    Hi!

    I've started getting the following in the logwatch for all by boxes that send mail to Dathorn:

    Code:
     --------------------- sendmail Begin ------------------------ 

 **Unmatched Entries**
    STARTTLS=client, relay=XXX., field=cn_issuer, status=failed to extract CN: 6 Time(s)
    XXX -> domain at Dathorn for which the mail is relayed. I didn't check the certificate yet, but I assume the CN field is empty (should probably be gzo?).

    Anybody?

    Thanks!
    Tags: None
    • AndrewT
      Administrator
      • Mar 2004
      • 3656
      #2
      The generic wildcard SSL certificate that is used on all servers for various services has not changed since last August and the CN is most certainly specified. Sounds like something else may be to blame.

        Comment

        • ZYV
          Senior Member
          • Sep 2005
          • 315
          #3
          Hi Andrew!

          Thanks for the prompt reply! This is exactly the reason why I decided to post on the forums instead of creating a TT to see whether other people are having similar issues or not.

          What comes to my mind is that I started getting this messages shortly after I upgraded all my boxes to RHEL 5.5. Maybe has to do something with the updated versions of openssl / sendmail, since of course I didn't change the configuration of the software.

          That's not really a huge issue, but I'm always trying to keep the logs clean...

          Z.

            Comment

            • ZYV
              Senior Member
              • Sep 2005
              • 315
              #4
              It is quite interesting that other people also have this issue, but nobody seemed to come up with an answer:

              http://www.linuxquestions.org/questi...act-cn-817362/

              I'm seeing this on 3 RHEL boxes already, so I am pretty sure that it must have something to do with RHEL 5.5 upgrade...

                Comment

                Previous template Next
                Working...