Timo (and others), It turns out that we had a different set of chain and root ca certs from godaddy than was required for the proper chain. It seemed to work for apache, but failed for dovecot...
I really dislike godaddy... thanks for the help, Tim. >> I guess I will go and make sure the chain and CA certs are the proper >> ones from godaddy. I hate chain certs... > > Good plan. I had a similar problem getting fetchmail to connect to > godaddy-cert'ed servers when the certificate chain verification failed > because the CA root cert was not present on my client. > > To find it, I had to export from the Windows default certstore to get > a copy. It did not identify itself very well, the OU was "ValiCert > Class 2 Policy Validation Authority" but it appeared in the certmgr > gui only as "http://www.valicert.com"; (under 3rd party root certs). > I believe the same one is in the Firefox certstore though, you can > probably find it there. > >> >> So, I guess I'm not sure if it is dovecot or not yet, although it is >> kind of strange that nothing is written in the logs about the handshake >> failing. >> >> Tim. >> >>
