Set customize_hostname_check for Swoosh.Adapters.SMTP
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending approval
ci/woodpecker/pr/build-arm64 Pipeline is pending approval
ci/woodpecker/pr/docs Pipeline is pending approval
ci/woodpecker/pr/lint Pipeline is pending approval
ci/woodpecker/pr/test Pipeline is pending approval
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending approval
ci/woodpecker/pr/build-arm64 Pipeline is pending approval
ci/woodpecker/pr/docs Pipeline is pending approval
ci/woodpecker/pr/lint Pipeline is pending approval
ci/woodpecker/pr/test Pipeline is pending approval
This should hopefully fix issues with connecting to SMTP servers with wildcard TLS certificates. Taken from https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/ssl Fixes #660
This commit is contained in:
parent
c0a99df06a
commit
615c52cdde
1 changed files with 3 additions and 0 deletions
|
@ -86,6 +86,9 @@ defp default_config(Swoosh.Adapters.SMTP, conf, _) do
|
|||
verify: :verify_peer,
|
||||
# some versions have supposedly issues verifying wildcard certs without this
|
||||
server_name_indication: relay,
|
||||
customize_hostname_check: [
|
||||
match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
|
||||
],
|
||||
# the default of 10 is too restrictive
|
||||
depth: 32
|
||||
]
|
||||
|
|
Loading…
Reference in a new issue