On Mon, 2013-03-18 at 22:56 -0700, pvsuja wrote:
> Mar 19 09:33:16 mailspace dovecot: imap(suja): Invalid certificate: self > signed certificate in certificate chain: /C=IN/ST=Karnataka/O=xxx/OU=YYY > CA/CN=mailserver.domain.com/[email protected] > Mar 19 09:33:16 mailspace dovecot: imap(suja): Error: > ssl = required to ensure things are working, change this to "no", if you can get mail then, change it to "yes", dont absolute force until you have everything fixed. > ssl_ca = </usr/local/etc/dovecot/certs/cacert.pem > ssl_cert = </usr/local/etc/dovecot/certs/public_cert.pem > ssl_key = </usr/local/etc/dovecot/certs/private_key.pem > > I guess my SSL certificate configuration is not done properly. How did you generate this? is it really self signed, or is it a CA signed (you can get free certs) If it's CA signed, ensure you created it like this (the order *is* important): cat mail.crt sub.crt ca.crt > dovecot.pem *remove ssl_ca = ....stuff* ssl_cert_file = </path/to/dovecot.pem ssl_key_file = </path/to/mail/mail.key Been loooong time since I use self signed, but from memory openssl req -x509 -days 999 -nodes -newkey rsa:2048 -keyout domain.key -out domain.crt (and IIRC tou need to ssl_ca = stuff) dovecot wiki should have the correct format for self signed
signature.asc
Description: This is a digitally signed message part
