[rt-users] RT-Mailgate timeout error after upgrade to 4.2.6
Kevin Falcone
falcone at bestpractical.com
Mon Aug 11 11:02:32 EDT 2014
On Wed, Aug 06, 2014 at 09:44:40PM +0000, Richards, Matthew E ERDC-RDE-CERL-IL wrote:
> > If you're going to the localhost, I'm not actually sure why you're
> > involving SSL, but that's a separate issue.
>
> Actually, that was the issue. You're right, there's no need to use SSL
> with localhost. We have a rewrite from 80 to 443 for all interfaces
> and it always forces us to use https. I guess we could have created a
> non-SSL site just for localhost. The DoD has its own root CA that we
> added in a ca_file, but I think it's very slow and was causing the
> timeouts. I changed the rt-mailgate get_useragent to "$ua-
> >ssl_opts(SSL_verify_mode => 'SSL_VERIFY_NONE');" and that solved the
> issue. It's a temporary fix until we create a locahost:80 binding. I
> don't like maintaining custom source. Thanks for all the help.
If you don't want to verify, why not just use the flag?
$ ./bin/rt-mailgate --help | grep verify
"--ca-file" or "--no-verify-ssl", below.
authority that should be used to verify the website's SSL certificate.
preferentially use this option over "--no-verify-ssl", as it will
"--no-verify-ssl"
-kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 235 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20140811/504699c9/attachment.sig>
More information about the rt-users
mailing list