https://github.com/osquery/osquery logo
Title
r

Raghavendra Hiremath

12/15/2022, 2:16 PM
{"component":"http","err":": a mail error occurred: sending mail: startTLS error: x509: certificate relies on legacy Common Name field, use SANs instead","level":"error","method":"PATCH","took":"107.876664ms","ts":"2022-12-15T14:06:05.739353086Z","uri":"/api/latest/fleet/config","user":"xxxxx@somemail.com"}
l

Lucas Rodriguez

12/15/2022, 4:00 PM
Hi @Raghavendra Hiremath! Looks like the mail server certificate uses a legacy format that Go's TLS implementation doesn't support (Fleet is made in Go). Any chance the certificate can be updated? (the hostname should be set in the SAN, not in the Common Name)
r

Raghavendra Hiremath

12/15/2022, 4:56 PM
@Lucas Rodriguez Yeah SMPT mailbox FQDN does not have SSL certificate, since we are using it internally. Had to disable verify SSL on fleet UI to get the issue fixed.