Hello Everyone.
I have attempted to set a higher default TLS security level by using wildcards in conjunction with the the TLS Destination Policy.
Sadly, the logs show that the TLS connection is only Trusted, but not Verified when doing this.
Only by specifying an explicit destination domain (gmx.de in my case) does the connection get Verified.
Here is a Picture:
I am aware that I could simply modify the postfix main.cf.in template, but wanted to double-check whether I was simply doing something wrong before doing so.
On a related note: if I'm right that there is no way of doing so right now, I would like to suggest adding a corresponding feature to the ui, and changing the tls policy to "dane" in the default template.
Is it preferred I open seperate feature requests for this in bugzilla, or pack it all in one?
Thank you very much in advance!
I have attempted to set a higher default TLS security level by using wildcards in conjunction with the the TLS Destination Policy.
Sadly, the logs show that the TLS connection is only Trusted, but not Verified when doing this.
Only by specifying an explicit destination domain (gmx.de in my case) does the connection get Verified.
Here is a Picture:
I am aware that I could simply modify the postfix main.cf.in template, but wanted to double-check whether I was simply doing something wrong before doing so.
On a related note: if I'm right that there is no way of doing so right now, I would like to suggest adding a corresponding feature to the ui, and changing the tls policy to "dane" in the default template.
Is it preferred I open seperate feature requests for this in bugzilla, or pack it all in one?
Thank you very much in advance!
Last edited: