I tryed Google an got to this page:


In my case

error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown:s3_pkt.c:1260:SSL alert number 46

was solved by adding

  ssl_verify_client_cert = yes

in /etc/dovecot/dovecot.conf.

Allan Dukat

On 2020-01-11 16:50, Eric Broch wrote:
can you try debugging:

 bash -c 'echo a login '"$user $pass"'; while read x; do echo "$x";
 | openssl s_client -crlf -connect mail.mydomain.com:993
 -CAfile /var/qmail/control/servercert.pem
 -cert /var/qmail/control/servercert.pem
 -key  /var/qmail/control/servercert.pem

On 1/11/2020 8:27 AM, Remo Mattei wrote:

Yes here is the config 

auth_mechanisms = plain login digest-md5 cram-md5
auth_username_format = %Lu
first_valid_uid = 89
first_valid_gid = 89
log_path = /var/log/dovecot.log
login_greeting = IMAP server .
mail_plugins = $mail_plugins quota
plugin/quota = maildir
protocols = imap pop3
disable_plaintext_auth = no
ssl_cert = </var/qmail/control/mail_validcert_com.crt
ssl_key = </var/qmail/control/mail_validcert_com.pem
mail_location = maildir:~/Maildir

and I have this working on a diff server


On Saturday, Jan 11, 2020 at 07:15, Charles Hockenbarger
<chash...@gmail.com> wrote:

Are you sure the cert location is defined correctly?

Get TypeApp for Android [1]
On Jan 11, 2020, at 9:05 AM, Remo Mattei <r...@mattei.org> wrote:

:34 imap-login: Info: Disconnected (no auth attempts in 0 secs):
user=<>, rip=, lip=xxxxx, TLS handshaking: SSL_accept()
failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert
certificate unknown: SSL alert number 46, session=<Aibbi96boqY0fYBe>

Jan 11 08:03

I am getting this any suggestions from anyone?


[1] http://www.typeapp.com/r?b=15723

To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to