subject: using starttls with ssh tunnel.

Pawel p mafeusek at
Tue Mar 30 17:33:25 CEST 2010

Hallo Group Members.

I configured ssh tunnel to
nohup ssh -l user -NL 2587: internal.mail.proxy &

, because I cannot get it directly, through default proxy.

Is there a way to force TLS accept certificate?

prompt$ gnutls-cli -s -p 2587 localhost
Resolving 'localhost'...
Connecting to ''...

- Simple Client Mode:

220 ESMTP 16cm973753ewy.7
EHLO at your service, []
250-SIZE 35651584
220 2.0.0 Ready to start TLS
*** Starting TLS handshake
- Certificate type: X.509
 - Got a certificate list of 1 certificates.
 - Certificate[0] info:
  - subject `C=US,ST=California,L=Mountain View,O=Google Inc,CN=', issuer `C=ZA,ST=Western Cape,L=Cape Town,O=Thawte
Consulting cc,OU=Certification Services Division,CN=Thawte Premium Server
CA,EMAIL=premium-server at', RSA key 1024 bits, signed using
RSA-SHA, activated `2007-07-30 00:00:00 UTC', expires `2010-07-29 23:59:59
UTC', SHA-1 fingerprint `4567cace1acd21c94f347455e5674464f5de19761'
- The hostname in the certificate does NOT match 'localhost'
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20100330/1f25da9b/attachment.htm>

More information about the Gnutls-help mailing list