I installed msmtp and configured it according to their docs. It basically works but when I allow TSL
I get the following error when I try to send mail using msmtp:
cannot load trust file /etc/ssl/certs/ca-certificates.crt: error:2D06C06E:FIPS routines:FIPS_module_mode_set:fingerprint does not match
I am trying to send mail via gmail, to a gmail account. I don’t know exactly what this error is telling me, nor do I have a clue about what to do to make the fingerprints match.
Is there a way in opensuse to update on my opensuse box the certs needed to talk to gmail via msmtp? I can read/send mail just fine using the web browser.
The next time you post,
You should include everything that a person would need to replicate and evaluate what you’ve done.
So, for example it’s insufficient to say “followed their docs,” you have to provide a link and reference to the guide.
You might find the Arch Linux Wiki page on msmtp useful, it describes not only setting up but also some links to troubleshooting issues specific to gmail.
Thank you…I am still really stuck
I installed msmtp on opensuse 13.2 using yast from the package repository.
I created a local .mstmprc file in my home directory according to http://msmtp.sourceforge.net/doc/msmtp.html#Configuration-files
which looks like:
defaults
tls on
tls_starttls on
tls_trust_file /etc/ssl/certs/ca-certificates.crt #tls_certcheck off
When I try to send mail: echo -e “Subject: Test Mail**\r**** \r
**This is a test mail” **|msmtp --debug --from=default -t me@**gmail.com
I get the following error:
cannot load trust file /etc/ssl/certs/ca-certificates.crt: error:2D06C06E:FIPS routines:FIPS_module_mode_set:fingerprint does not match
If I comment out the line and add tls_certcheck off, the program appears to work, e.g. I get mail at gmail.
Figuring the certs were stale, I went to YaST2 and searched for certificates, and found and installed/updated the following:
ca-certificates
ca-certificates-cacert
ca-cerfiicates-mozilla
mozilla-nss
mozilla-nss-certs
Tried to send myself and got the same bad result…fingerprints dont match…
So, I am a novice at cert mgmt, how can this be fixed?
Whenever I set up one of these kinds of things (SMTP Relay),
I always need to look up the documentation related to the Service being used (in this case Google SMTP relay).
Recommend you look at the following link,
Looks to me like you don’t need to have a cert pre-installed today, but you need to configure the SMTP relay using your Google Admin account, in your case likely specifying your IP address. Besides the main body of this link, you can also skim the instructions for setting up one or more various clients to get a better idea what is required on the client side (practically no config necessary).