Re: [exim] Expired tls certificate

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMJeremy Harris at <-
 
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Expired tls certificate
On 16/03/2022 21:01, Mike Diehl via Exim-users wrote:
> depth=3 O = Digital Signature Trust Co., CN = DST Root CA X3
> verify error:num=10:certificate has expired
> notAfter=Sep 30 14:01:15 2021 GMT

> What am I missing?


Ah, the "depth=3" is the clue. This is not talking about your leaf
cert being out of date.

https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
looks relevant. Your system (the one you ran "openssl s_client" on)
does not have an up-to-date CA cert for LetsEncrpyt. That implies you've
not updated it for a while, and it will be full of known exploit holes
unpatched too. One hopes it is not exposed to the outside...

--
Cheers,
Jeremy

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Expired tls certificateRe: [exim] stuck exim processes->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)