Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hostname/IP does not match certificate's altnames but certification is correct. #1646

Open
bear0330 opened this issue Apr 24, 2024 · 0 comments
Open

Hostname/IP does not match certificate's altnames but certification is correct. #1646

bear0330 opened this issue Apr 24, 2024 · 0 comments

Comments

@bear0330
Copy link

My mail url:
smtp://robots%40nuwainfo.com:password@mx.nuwainfo.com:587/
note this password is fake, but should not effect to reproduce this issue.

I will get this error:

Error trying to send email: Hostname/IP does not match certificate's altnames: Host: mx.nuwainfo.com. is not in the cert's altnames: DNS:mail-admin.mxnodes.com

my certification detail:

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:06:58:7e:6b:ec:ed:31:c1:74:78:ca:9a:03:2b:93:79:55
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Let's Encrypt, CN = R3
        Validity
            Not Before: Apr 24 03:49:49 2024 GMT
            Not After : Jul 23 03:49:48 2024 GMT
        Subject: CN = mx.nuwainfo.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:9e:69:89:63:97:5e:1b:b0:db:5d:86:4a:c1:98:
                    eb:a4:a5:1a:ad:8b:34:42:2a:0c:b5:0f:04:86:66:
                    07:e7:d0:81:bd:60:ed:8d:81:d5:8f:10:45:ca:56:
                    33:6c:71:f9:b0:10:8a:cb:50:7d:bd:93:dd:31:85:
                    d3:1d:76:38:a8:b7:d7:fc:74:c0:b4:5f:04:95:b2:
                    7e:bd:3f:eb:d1:00:bc:8b:72:20:de:49:08:25:61:
                    47:46:81:8c:fd:ae:97:83:c5:04:10:fd:d6:a3:e8:
                    ae:97:f2:e1:8f:52:86:a5:0c:7d:74:b8:7d:e7:cb:
                    ac:2b:9a:5c:03:0b:2c:dd:33:be:08:31:5b:93:fc:
                    dd:92:16:95:19:90:6a:cc:91:f9:0b:d4:8c:d6:93:
                    ab:3f:81:a4:a8:fe:b8:24:97:38:4c:cd:e5:49:dd:
                    a2:a2:ff:21:79:d4:b1:ac:3b:7d:d4:d9:da:69:5f:
                    c4:25:85:96:1e:47:2a:b1:6b:f1:8a:76:6a:04:8f:
                    b9:1c:fc:23:08:62:33:e6:77:09:8b:75:77:69:51:
                    1d:3f:87:f5:4b:fd:5e:63:77:cc:86:90:ed:aa:0c:
                    eb:43:34:9e:c6:ce:2b:48:e8:8b:70:2d:8e:e5:8e:
                    08:8f:57:dc:89:10:1f:7d:c8:67:8b:8b:9b:38:1d:
                    60:8f:41:5e:50:6b:ab:10:f5:18:a5:80:e4:fa:3b:
                    f1:3f:11:c5:ff:4d:61:af:0a:2a:9c:77:b8:63:d3:
                    06:da:04:a4:41:7e:68:66:ba:89:db:0b:eb:a4:87:
                    1d:1e:a9:b2:79:c0:8a:0d:f0:d6:68:11:11:c6:40:
                    0d:ac:26:8e:a1:a7:b1:98:1b:78:ed:63:2c:8f:9b:
                    23:4f:8f:95:a6:22:78:2f:aa:e2:3f:db:37:a3:c6:
                    b6:02:da:fb:e5:66:c2:a9:b7:f5:a0:8d:47:4d:fc:
                    24:d9:52:17:6a:cf:b4:f1:14:2f:ea:ad:8d:05:1f:
                    07:b1:ea:3f:53:8a:ad:70:e2:f2:a9:06:a0:fd:aa:
                    50:c1:99:36:72:86:74:66:40:58:5b:12:df:e1:7d:
                    bf:b8:3b:58:dc:fe:5e:3d:ad:10:5f:b8:b0:78:e5:
                    78:c2:1d:c1:dc:ba:b2:d1:ca:1a:93:4b:3b:78:d0:
                    11:76:73:c1:44:89:69:ad:89:10:89:64:c9:8c:16:
                    f8:3f:e5:ec:31:8c:a7:17:a1:1a:f9:d7:b8:13:3f:
                    85:10:be:17:2f:4c:96:60:fe:22:2c:e7:75:28:ad:
                    8d:bd:1e:ea:04:b1:f6:d6:59:c7:72:bb:eb:92:e3:
                    79:e5:a1:b3:07:8c:eb:d5:33:d3:98:42:9c:f8:42:
                    8e:69:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                56:D9:67:3D:DF:DC:E9:3A:92:F4:98:B3:F7:E3:E2:1F:52:B9:D5:08
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:mail.nuwainfo.com, DNS:mx.nuwainfo.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr 24 04:49:49.501 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AF:0E:79:38:D0:6B:15:8A:D6:24:9B:
                                08:76:11:00:DA:07:45:CC:26:17:BD:60:F5:FA:B6:C8:
                                C5:AA:40:49:68:02:21:00:DC:4D:CE:41:D8:A3:25:40:
                                3B:B7:D5:5A:F7:9C:EF:21:25:45:AF:32:A9:53:BD:60:
                                92:86:EE:4A:FB:1F:55:68
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 24 04:49:49.499 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:99:C4:92:46:B6:3C:8B:58:E7:6F:8B:
                                80:90:D2:90:36:37:74:5F:33:B2:D7:97:49:FC:F4:88:
                                21:1F:76:E8:CA:02:21:00:DE:96:BE:5C:68:B6:68:34:
                                27:C1:BA:97:B9:4D:11:E9:15:88:38:FA:0A:5F:11:5B:
                                34:76:B5:BA:41:24:5A:AC
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        54:08:f6:e5:57:7e:2a:91:c1:64:6c:4c:c0:82:8e:c1:c9:38:
        db:8e:04:28:8b:73:96:0b:f0:f4:ac:35:5b:ac:2d:61:c7:40:
        f2:60:c1:a1:4d:86:b7:92:bd:11:ae:5c:ee:a7:2c:c5:90:67:
        92:42:58:83:05:dd:6c:06:1a:65:17:0c:84:3a:0d:26:b3:e7:
        73:bc:49:78:71:ed:17:a9:5d:f6:05:b7:7b:84:cc:24:67:20:
        bc:f6:8c:76:3e:a2:54:e4:70:40:6f:b9:13:aa:49:0b:36:ab:
        20:43:1f:e4:b1:56:fc:a9:90:48:83:02:29:7b:7d:8e:87:c8:
        c1:a6:14:80:6b:51:7f:3c:aa:31:d5:f7:8c:b3:40:10:88:7e:
        a1:5b:08:f3:98:45:ab:20:1d:de:ac:93:a6:c2:f9:d3:8c:f9:
        5a:e6:87:d5:3f:c9:db:88:e9:7a:52:ec:fc:26:10:b8:e0:31:
        d7:16:3b:75:a6:5e:43:66:49:5b:b2:56:48:f4:fd:2f:3c:95:
        e5:a6:73:34:6e:8e:77:87:31:d0:c2:60:c8:1c:b2:cc:3e:05:
        e3:81:fc:39:80:28:96:fd:40:16:d0:21:f2:e3:c5:cf:fc:6e:
        57:8b:f4:20:75:79:cf:ea:84:d8:19:23:20:e2:78:ae:ed:f3:
        4e:58:18:73

mail-admin.mxnodes.com is the same machine of mx.nuwainfo.com, but nodemailer seems to try get certification of mail-admin.mxnodes.com not certification of mx.nuwainfo.com which I wrote in mail url.

Thanks.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bear0330