-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SMTP: Lets Encrypt certificate cannot be verified #457
Comments
Have a look on my Issue: |
Bitwarden version: 1.30.1 Doesn't work for me either. Has been working in the past, but now suddenly, it says "The SSL certificate presented by the server is not trusted by the system for one or more of the following reasons..." (valid Let's Encrypt certificates). Setting that used to work in the past but doesn't work anymore:
Switching from SMTPS to STARTTLS as suggested in #451 still doesn't work, same "SSL certificate presented by the server is not trusted by the system" error:
|
Try |
Thanks. But I think this is a horrible workaround if it does what I assume it does. It would defeat the purpose of using TLS to prevent man in the middle attacks. |
Yes, I understand. I am just trying to see if that makes the error go away or not. |
I have the same issues, and I can confirm that the trustServer=true does get rid of the error, and resumes, normal email delivery, however as you agree, this should not be used in production. I tried updating to the dev channel (as suggested in #451 ) and adding the startTls=true setting, but it still doesn't work. |
Seems like a duplicate of #451 , which seems related to a bug in .NET Core 2.x. We'll have to wait for the fix in .NET Core 3. |
Seems to be related to this bug: https://github.com/dotnet/corefx/issues/35035 and https://github.com/dotnet/corefx/issues/3034 and perhaps https://github.com/dotnet/corefx/issues/29064 Question: Could we include a flag to disable certificate revocation checking in SSLStream until upgrading to a fixed version of .net core? Sure it's not perfect, but it'd be still better than trusting any SSL certificate. |
Issue (for me) still existing. Are there any updates for this? Workaround with |
.Net Core 3 has been released, 3.1.0 a few days ago. |
Just to throw this in, I'm running 1.32 and this is still an issue for me. Hope the updates to .net fix it. For now I'm just running with the trust server workaround. |
@kspearrin .net core 3 has been out for a few months. Did it fix the issue? |
I confirm server 1.33.0 fixes this issue 👍 |
Hello,
my mail server uses Let's Encrypt certificates. Bitwarden can not connect to this server because the certificate can not be validated, but the certificates are valid.
As a mail server, I use Mailu 1.5, the certificates are generated based on the "TLS_FLAVOR" setting "letsencrypt".
Docker version: 18.09.3
docker-compose version: 1.23.2
Bitwarden version: 1.30.0
Config:
Log: https://pastebin.com/ysQAkBsw
The text was updated successfully, but these errors were encountered: