[rt-users] New cert breaks mailgate

Tim Wiley tim at marchex.com
Tue Feb 3 15:26:40 EST 2015


On 02/03/2015 12:09 PM, mkyser wrote:
> Well we finally figured out that the mailgate did not like our local CA.
> Went and bought a Thawte cert for RT and now everything is working as it
> should.  The lesson here is spend the money and get a real cert!

I wish I had gotten to this earlier.  There's a better option in 
rt-mailgate.  What we've done is add --ca-file to the rt-mailgate 
command in our postfix aliases.

my-queue-address: "|/path/to/rt/bin/rt-mailgate --queue 'My Queue' 
--action correspond --ca-file /path/to/your/root.crt --url 
https://rt.example.com"

This of course means that you have to ship your root CA certificate with 
the application, but that shouldn't be a big deal.



More information about the rt-users mailing list