Hi Karsten, On Fri, Dec 31, 2021 at 4:36 PM Karsten <deb...@decotrain.de> wrote: > I upgraded the server from Debian 9 to 11 and afterwards it seems not > possible to get fetchmail to work. > > I tried every possible option of ssl and sslproto, but fetchmail can't fetch > the mails. > The log says: [...] > fetchmail: Server certificate verification error: self signed certificate > fetchmail: Missing trust anchor certificate: > /C=DE/ST=germany/L=here/O=mydomain/OU=Privacy/CN=mydomain.de/emailAddress=webmas...@mydomain.de > fetchmail: This could mean that the root CA's signing certificate is not in > the trusted CA certificate location, or that > c_rehash needs to be run on the certificate directory. For details, please > see the documentation of --sslcertpath and > --sslcertfile in the manual page. See README.SSL for details. [...] > What must be done to get it working again? Did you read the verbose information? Your server uses a self-signed certificate, which doesn't have any trust. You can supply the client side certificate with --sslcertfile or (by shooting yourself on the foot) you can disable the certificate validation setting with --nosslcertck.
Regards, Laszlo/GCS