Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net/smtp: SendMail() TLS don't fail on self-signed certs #6991

Closed
gopherbot opened this issue Dec 19, 2013 · 3 comments
Closed

net/smtp: SendMail() TLS don't fail on self-signed certs #6991

gopherbot opened this issue Dec 19, 2013 · 3 comments
Labels
FrozenDueToAge

Comments

@gopherbot
Copy link

by info@icod.de:

What steps will reproduce the problem?
1. http://play.golang.org/p/kqgvru-Lh5
I'm using a self-signed cert on icod.de

What is the expected output?
Not x509: certificate signed by unknown authority

What do you see instead?
x509: certificate signed by unknown authority (duh)

Which compiler are you using (5g, 6g, 8g, gccgo)?
go run email.go, archlinux

Which operating system are you using?
archlinux

Which version are you using?  (run 'go version')
go version go1.2 linux/amd64

Please provide any additional information below.
Postfix isn't pick about who to trust, neither should Go be since why use Go when it
fails but Postfix does the job without complaining?
Imho this is a disadvantage for Go and it should be optional if you prefer to connect to
CA approved hosts only or not. Theory and reality. I don't think there's a whole lot of
people buying extra certs just for a MTA given the price, especially if you can just
sign it yourself and there really is no technical benefit in using an approved CA to
sign your cert.
@minux
Copy link
Member

minux commented Dec 19, 2013

Comment 1:

SendMail is only a convenience function, if you want to tweak the tls configuration,
you can smtp.Dail and then do the StartTLS yourself to be able to pass in a
crypto/tls.Config (where you can set InsecureSkipVerify to true to skip the check)

@gopherbot
Copy link
Author

Comment 2 by info@icod.de:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alright, thank you for the reply.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSs3nvAAoJENrR4EaH4PXFW98H/iFJ9sotaq6rYlS6FB3O/k5b
Erff7jyliOn0TRX4nL3JrmQwd7j5ObBWRpjj1ejWbusQZ9vBCFs+e9uKaA2Tz5+D
rI8XhNLVXsKryPXDAD0sSuVfRlXDzxefe9OQI+pyYmYJ0DRJYFpK1HkupEd+tIia
9PsiCTb+xQRwheAozPrJXbQFTC3c/TfA8zb/FtM6aNNBwnbwtCtH+evC7I9EYqLt
860d9jczFB1zionXgjoB0pB7zlolZnTeM8/wW3Zh5bF7XWi0Yoa3ot+K3BMBqQlC
BpzxD3xk1t+oyXmd3LF2PcJ1NxN0igFb1bMnqFOss3OOp+xlNuDUb5RwQlIn9yU=
=NVJs
-----END PGP SIGNATURE-----

@minux
Copy link
Member

minux commented Dec 20, 2013

Comment 3:

Status changed to WorkingAsIntended.

@golang golang locked and limited conversation to collaborators Jun 25, 2016
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@minux @gopherbot