[MlMt] Markdown formatting
Benny Kjær Nielsen
mailinglist at freron.com
Mon Nov 22 09:49:59 EST 2021
On 12 Nov 2021, at 21:22, Bill Cole wrote:
>> I just tried to check for an update but received the error "SSL certificate problem: certificate has expired", which might explain why I wasn't aware there was anything newer.
> [very technical explanation]
Thanks for the details Bill. I'm definitely not an expert on these issues and I kind of just decided to live with it since it only affects “older” macOS releases.
> Ideally, the fix is server-side. Servers like updates.mailmate-app.com should be reconfigured to send only the server certificate and its immediate issuer cert as the server's trust chain, NOT including the version of "ISRG Root X1" which is signed by the expired cert. That would break a DIFFERENT subset of older clients (which don't trust the ISRG root by default) which is probably why even Let's Encrypt's own servers are still sending the quasi-bogus cert.
Let me know (off list) if you think it would be fairly easy to help me change this on my server to avoid this issue :)
More information about the mailmate