On Wed, Oct 24, 2007 at 11:46:34AM -0500, Chuck Campbell wrote: > I see these messages every time fetchmail pops my mail. I don't understand > what certificates it is talking about, or how to straighten this out. A certificate identifies the server, i.e., the client gets a piece of information about the server that can be used to start a private conversation. The certificate must be signed by an entity, that you trust. > fetchmail: Server CommonName mismatch: localhost != mail.mydomain.com The certificate was issued for the server: 'localhost', but you're connecting to 'mail.mydomain.com'. This could be a man-in-the-middle attack. > fetchmail: Server certificate verification error: self signed certificate The certificate is signed by itself, not by an external entity that you trust. You can't be sure you're talking with the correct server. > fetchmail: Server certificate verification error: certificate has expired Every certificate has a validity (start and end date when the certificate is valid). Yours has expired. > What do I need to read up on to understand this and find a fix? Public key infrastructure (PKI): http://www.gtlib.cc.gatech.edu/pub/linux/docs/HOWTO/other-formats/html_single/SSL-Certificates-HOWTO.html http://www.carillon.ca/library/howtos.php -- lfr 0/0
Attachment:
pgpjjtG9Kzgup.pgp
Description: PGP signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
