[Imap-uw] Re: [Alpine-info] Server name does not match certificate

[Stefan Bertels]

On Tue, 7 Oct 2008, David Morris wrote:

> I agree with Mark's follow up comment, but since most times I encounter

> this issue, it is because the fqdn is needed but not being received.


I changed all settings in Alpine config (took some minutes because there 
is nothing like search&replace) and it works fine now.

It seems like Joel was right when saying that (IMAP) server setup does 
not matter. So I searched for DNS issue regarding FQDN resolution.


> On Linux systems, I've found that the trick is as already mentioned,

> change the /etc/hosts file entry for the servers first IP address such

> that the name you want as fqdn is the first blank delimited token on the

> line following the IP address.


I knew this. First: I didn't change dns server config, hosts file, 
client setup or certificate or something like that. I upgraded IMAP 
server software and dns server software to newer releases. Obviously 
this made a difference. "hostname -f" shows FQDN always, I already had 
FQDN first in hosts file and moving the localhost line above or below 
the server name did not make a difference. IMAP says "localhost" when 
connected via 127.0.0.1 and <FQDN> when connected otherwise. Always.

It is/was probably a DNS thing so a short name does not always get 
resolved to a FQDN as before. I'm not sure whether upgrading IMAP makes 
a difference here. Anyway, it works. Generally I want to know what's 
going on, but time is limited. Thanks for all hints.


> PS. I think you might also be able to resolve this with a new SSL

> certificate which doesn't use the fqdn?


I do not want to change this. I agree with Mark that FQDN generally will 
avoid problems (FQDN where possible), so turning all to short names is 
not an option. I now change clients to use FQDN because of this issue. 
That's it.

With kind regards
Stefan