On Fri, Oct 22, 2010 at 11:21:22PM -0600, Joseph wrote: > I'm using fetchmail to pull mail from google but lately I've been getting > this error: > > fetchmail: Server certificate verification error: unable to get local issuer > certificate > fetchmail: This means that the root signing certificate (issued for > /C=US/O=Google Inc/CN=Google Internet Authority) is not in the > trusted CA certificate locations, or that c_rehash needs to be run > on the certificate directory. For details, please see the > documentation of --sslcertpath and --sslcertfile in the manual page. > fetchmail: Server certificate verification error: certificate not trusted > fetchmail: Warning: the connection is insecure, continuing anyways. (Better > use --sslcertck!) > > I've tried to set option "sslcertck" in fetchmailrc > poll pop.gmail.com with proto POP3 and options no dns user > '[email protected]' password 'xxxxxxxxxxx' options ssl sslcertck > > but it gives me an error. > How to use this option? > > -- > Joseph
I'm reluctant to post as this is my first post to this list after lurking several weeks, but I'll go ahead and whether my comments have any value will be up to reader. I signed up for a gmail account last year and after learning of their pop service I tried it with fetchmail. It actually worked once and then failed with a socket error. Since I only used it to read the comp.mail.sendmail group digest I didn't worry about it. After reading your post I tried it again with the same result.I'm able to log on the webmail with this password and username. Moderator, I know this is OT since this a mutt users group, but allow me one further comment before I go down in flames. I used to get a "unsigned certificate in chain" error message from fectchmail but got rid of this by copying the server's key from the fetchmail log into a sslkey statement in .fetcmailrc Since then I have upgraded to Fetchmail-6.3.13 and "start TLS" and "upgrade to TLS succeeded" appear in my logs without any ssl statements in .fetchmailrc . Mike Hollis
