C. Andrews Lavarre writes:
Presumably, as Joseph shows with his nc call, imap calls are to ServerName
mail.privustech.com.
No, nc is just a dumb tool -- it knows nothing about IMAP or SSL. You didn't
even get to the SSL handshake. Your problem has nothing to do with the
interaction of client and server -- it's strictly a server problem.
ssl = required
ssl_cert = </etc/apache2/ssl.crt/mail.privustech.com_start.crt
ssl_key = </etc/apache2/ssl.key/mailprivustech.key
ssl_ca = </etc/apache2/ssl.crt/mailprivustech_root_bundle.crt
ssl_ca is not analogous to Apache's SSLCertificateChainFile. I believe "ssl_ca"
is used to validate clients (i.e. mutual authentication).
You ought to concatenate your intermediate CA chain certificates and
your public key into ssl_cert.
See
http://wiki2.dovecot.org/SSL/DovecotConfiguration
Also, anything enlinghtening in the logs when ssl_verbose turned on?
Joseph Tam <[email protected]>
