[rt-users] rt-mailgate

Allen allen+rtlist at crystalfontz.com
Wed Jan 11 15:41:09 EST 2012

On Tue, Jan 10, 2012 at 1:05 PM, Robert Nesius <nesius at gmail.com> wrote:
> 500 Can't connect to
> request.domain.com:443 (certificate
> verify failed)
> /opt/rt4/bin/rt-mailgate: undefined server error

Yes, I got the same problem Monday after installing an "Extended
Validation" SSL certificate on the same Apache2 server as RT. RT is
accessible only over SSL using a wildcard cert, and some other
virtualhosts use the same wildcard cert. All the virtualhosts, RT
included, have the same IP address, which means the client needs to
understand TLS in order to get Apache to present to correct
certificate for the correct hostname.

When all the Virtualhosts used the same wildcard SSL cert, mailgate
worked fine. As soon as one of the Virtualhosts used a different cert,
mailgate fails with the above error to connect to RT to stuff the
message in.

This is on Ubuntu 11.10 Oneiric running reqest-tracker4 pinned with
apt preferences to "Precise" packages for version 4.0.4-1:

root at web0:/etc/logrotate.d# dpkg --list | grep reques
ii  request-tracker4                    4.0.4-1
        extensible trouble-ticket tracking system
ii  rt4-apache2                         4.0.4-1
        Apache 2 specific files for request-tracker4
ii  rt4-clients                         4.0.4-1
        mail gateway and command-line interface to request-tracker4
ii  rt4-db-sqlite                       4.0.4-1
        SQLite database backend for request-tracker4

I think something is wrong in the rt-mailgate-4 script that doesn't
understand TLS or when something happens and it gets a certificate
whose hostname does not match with the host that it is connecting to.


More information about the rt-users mailing list