On Fri, 5 Mar 2004, gabriel russell wrote: >The problem that I have is that I can't get my mail.app to trust the >cert. Even if I import the ca into my keyring, or into the x509 anchors. >I get this error in the binc imap log: >error initializing Binc IMAP: SSL negotiation failed: Internal SSL er >ror: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
Unknown CA - are you sure Mac OS X mail understands self signed certificates? Or have you tried setting up your own CA and sign the cert yourself? >At this point, I realize that I can't differentiate between client >configuration issues and cert generation issues. I was wondering if and >hoping that there is a test cert/key that is confirmed to work that I >can try to narrow my problems scope down. The cert generated by "make testcert" works out of the box with me. Perhaps you could show the commands you used to generate the cert, with the output as you run them. At least then we could verify that the cert is generated correctly. :-) Andy -- Andreas Aardal Hanssen | http://www.andreas.hanssen.name/gpg Author of Binc IMAP | "It is better not to do something http://www.bincimap.org/ | than to do it poorly."
