[Dovecot] SSL/TLS with Outlook client
Eli Sand
dovecot-list at elisand.com
Wed Nov 14 01:23:52 EET 2007
Nikolay Shopik wrote:
> Usually it works like this. You are configure your mail client to
> address like this mail.example.com, when mail client establish
> connection to server and receive certificate it compare CN with current
> configuration in it. So if you configure connect to mx.example.com but
> server receive certificate with CN=mail.example.com it should warn you.
> It doesn't do any PTR lookups.
I have experimented with Outlook 2k7 and valid certificates from CACert and
I am unable to say that this is for sure how Outlook is behaving.
I have tested with a wildcard cert, and names of both the MX record and the
A record configured in the mail client. All three of which produced the
same ultimate "The target principal name is incorrect." Error. The
certificate is valid and I do have the root CA certs loaded in Windows
correctly.
I'm pretty close to emailing Microsoft themselves to help solve the problem
since I am unable to figure out why the error is happening (even debug
logging from Outlook produces nothing).
Eli.
More information about the dovecot
mailing list