Bug 36608 - Problem with self-signed certificates on pop.gmail.com
Summary: Problem with self-signed certificates on pop.gmail.com
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: fetchmail (show other bugs)
Version: unstable
Hardware: all Linux
: P3 normal
Assignee: Alexey Gladkov
QA Contact: qa-sisyphus
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-04-16 20:38 MSK by Alexey Gladkov
Modified: 2019-04-16 22:04 MSK (History)
3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexey Gladkov 2019-04-16 20:38:37 MSK 
При попытке скачать почту по POP3/IMAP с gmail.com в логах появляется сообщение:

fetchmail: Server certificate verification error: self signed certificate
fetchmail: Missing trust anchor certificate: /OU=No SNI provided; please fix your client./CN=invalid2.invalid
fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the
certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page.
fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)

Приложите пожалуйста патч из https://bugzilla.redhat.com/show_bug.cgi?id=1611815
Comment 1 Alexey Gladkov 2019-04-16 20:40:02 MSK 
Лучше апстримный коммит: https://gitlab.com/fetchmail/fetchmail/commit/9b8b634312f169fab872f3580c2febe5af031615
Comment 2 Michael Shigorin 2019-04-16 21:24:03 MSK 
Отправил http://webery.altlinux.org/task/227248, спасибо!
Comment 3 Repository Robot 2019-04-16 22:04:58 MSK 
fetchmail-6.3.26-alt6 -> sisyphus:

Tue Apr 16 2019 Michael Shigorin <mike@altlinux> 6.3.26-alt6
- added upstream SNI support patch; thx legion@ (closes: #36608)
- avoid extra tarball compression (no reason with gear)