Disable ssl validation for replication?
Joseph Tam
jtam.home at gmail.com
Thu Dec 21 03:27:34 EET 2017
Joseph Ward writes:
> I'm aware of at least a couple of fallback options:
> ??? -have a self-signed cert for replication and use the Let's Encrypt
> one for IMAP/POP
> ??? - create firewall rules allowing them to connect to each other over
> the public internet so that it can validate the proper cert
> ?
> These are both much less palatable than simply disabling the cert
> validation if it's possible.
Maybe instead of disabling the check, appease it by supplying (in
/etc/hosts) an alternate mapping of the FQDN subject of your certificate
to your internal IP:
10.x.x.x your.sync.target
Joseph Tam <jtam.home at gmail.com>
More information about the dovecot
mailing list