Josh Berry writes:
Hi,I am trying to get IMAP over SSL working with a wildcard (chain) SSL certificate. The certificate works with apache on existing platforms but I am having problems getting it working with Courier. What happens is when the wildcard cert is being used in the imapd-ssl config file and I try and collect mail using a client it just hangs - there are no error messages in to the syslog and the client provides no clues either. If I use a self signed certificate then it works fine (other than asking me to accept the cert as it is cannot be verified). Has anyone got a chain certificate working, and if so what needs to be done. I have included my relevant configuration options below. The server is running on Solaris 10 for X86. TLS_PROTOCOL=SSL3 TLS_STARTTLS_PROTOCOL=TLS1 #TLS_CIPHER_LIST="ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH" TLS_CERTFILE=/share/admin/mailauth/sslcert # TLS_TRUSTCERTS= TLS_VERIFYPEER=NONE The certfile is in the format: -----BEGIN RSA PRIVATE KEY----- MIIJKAIBAAKCAgEAtg ...-----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- MIIFkTCCA3kCAQ ... -----END CERTIFICATE-----
If you need to use a chained cert, append the intermediate cert to the certfile.
pgp8ih6wdMxpt.pgp
Description: PGP signature
