You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Kratos is set up to use the systems (ubuntu 20.04) postfix, using connection_uri: smtp://localhost:25.
Any mail kratos tries to send fails with: level=error msg=Unable to send email using SMTP connection. audience=application error=map[message:x509: certificate is not valid for any names, but wanted to match localhost] message_from=kratos@mymachine service_name=kratos service_version= smtp_server=localhost:25 smtp_ssl_enabled=false
/var/log/mail.log' contains:
postfix/smtpd[116495]: connect from localhost[::1]
postfix/smtpd[116495]: SSL_accept error from localhost[::1]: -1
postfix/smtpd[116495]: warning: TLS library problem: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:../ssl/record/rec_layer_s3.c:1543:SSL alert number 42:
postfix/smtpd[116495]: lost connection after STARTTLS from localhost[::1]
postfix/smtpd[116495]: disconnect from localhost[::1] ehlo=1 starttls=0/1 commands=1/2
Adding ?skip_ssl_verify=true to the URI does not make any difference.
I can send mail using smtp at localhost:25 using other tools (with and without STARTTLS) - swaks -s localhost -p 25 -ehlo myhost -t root@kiel -f root@myhost -tls delivers the mail just fine.
It seems kratos is doing certificate validation when it doesn't need to (shouldn't?)
Reproducing the bug
Steps to reproduce the behavior:
Use standard quickstart setup, but change connection_uri: smtp://localhost:25 to rely on the system postfix. Let Kratos send any email.
Environment
Version: v0.5.5-alpha.1
Environment: Docker on Ubuntu 20.04
The text was updated successfully, but these errors were encountered:
Describe the bug
Kratos is set up to use the systems (ubuntu 20.04) postfix, using
connection_uri: smtp://localhost:25.Any mail kratos tries to send fails with:
level=error msg=Unable to send email using SMTP connection. audience=application error=map[message:x509: certificate is not valid for any names, but wanted to match localhost] message_from=kratos@mymachine service_name=kratos service_version= smtp_server=localhost:25 smtp_ssl_enabled=falseAdding
?skip_ssl_verify=trueto the URI does not make any difference.I can send mail using smtp at localhost:25 using other tools (with and without STARTTLS) -
swaks -s localhost -p 25 -ehlo myhost -t root@kiel -f root@myhost -tlsdelivers the mail just fine.It seems kratos is doing certificate validation when it doesn't need to (shouldn't?)
Reproducing the bug
Steps to reproduce the behavior:
Use standard quickstart setup, but change
connection_uri: smtp://localhost:25to rely on the system postfix. Let Kratos send any email.Environment
The text was updated successfully, but these errors were encountered: