Hallo Guy,
> fetchmail: Issuer CommonName: Vex.Net
> fetchmail: Server CommonName: *.vex.net
>
> lrwxr-xr-x 1 guy guy 16 Jun 30 12:50 b5554f6f.0 ->
> mail_vex_net.pem
> lrwxr-xr-x 1 guy guy 18 Jun 30 12:50 bc809cbf.0 ->
> vex-net_cacert.pem
> -rw-r--r-- 1 guy guy 1383 Jun 30 11:54 mail_vex_net.pem
> -rw-r--r-- 1 guy guy 1326 Jun 30 12:28 vex-net_cacert.pem
a program uses the "Server CommonName" to find the
valid local stored certificate for verification purposes.
If the Server CommonName matches the CN= entry of the
certificate subject it is used for verfication.
Use "openssl x509 -in mail_vex_net.pem -subject" to check
the certificate subject and check what has been entered
right after CN=. This entry should match the FQDN of the
mail server.
As you can see in your fetchmail output the Server CommonName
hasn't been set correctly in the certificate because it shows
"*.vex.net" which is not a FQDN. I think it should be similar
to "mail.vex.net".
Jürgen
--
Mail: juergen(_dot_)edner(_at_)telejeck(_dot_)de
PGP Key available
---