XelKarin
Tux's lil' helper
Joined: 29 Dec 2003
Posts: 85
|
 Posted: Tue Sep 11, 2018 8:52 pm Post subject: SSL verification error with Dovecot 2.3.2.1 [SOLVED] |
 |
|
I'm attempting to upgrade my Dovecot installation to 2.3.2.1. My SSL certificate authority provides a bundle containing their CA, plus intermediate CAs, which I configure using the 'ssl_ca' option. The comments in the configuration file say to only set this when you're requiring client certificates, which I'm not, but fetchmail complains with a "Server certificate verification error, Broken certificate chain" error if that setting is not set. This works fine with Dovecot 2.2.34.
After upgrading to 2.3.2.1, fetchmail throws that error whether 'ssl_ca' is set or not. Dovecot 2.3.2.1 reports the error "SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48" in the logs when attempting the TLS handshake. The permissions on the CA bundle haven't changed and should still be readable by Dovecot. Anyone have any ideas? I've been keeping =net-mail/dovecot-2.3.2.1 masked for the time being.
Last edited by XelKarin on Sun Sep 16, 2018 3:04 am; edited 1 time in total |
|
Networking & Security
