295246Re: Log Error, File Nonexistent: /etc/ssl/certs/ca-certificates.crt
- Sep 4, 2013On 9/4/2013 12:53 PM, FliedRice wrote:
> Thanks for the clarification Noel & LuKreme because there is an AOL one asOpen a support ticket with Plesk.
> Sep 3 12:44:24 boaz postfix/smtp: certificate verification failed
> for mailin-01.mx.aol.com[126.96.36.199]:25: untrusted issuer
> /C=US/O=America Online Inc./CN=America Online Root Certification Authority 1
> Other than those "messages" postfix seems to be working fine. The thing that
> me is that this is a newer version of Plesk, the server is only like 3
> months old, so
> when you say it's suppressed in later versions of postfix, it really makes
> me wonder
> why Plesk does not offer a more updated version initially.
>Most folks just ignore those messages, since they have no importance.
> Does anyone know how I can go about suppressing these messages?
> I know the one for Google is Equifax & the one for AOL is Thawte.
Theoretically you can track down the public root certs and add them
to a file, then point smtp_tls_CAfile to it.
Some distributions offer a root certificate bundle, intended to be
used with web browsers, that can be used as smtp_tls_CAfile. That
bundle may or may not contain the roots for these particular certs.
And many folks intentionally do NOT use the bundle with SMTP, since
it's hard to know exactly what roots are trusted by the system bundle.
-- Noel Jones
- << Previous post in topic