now the problem with this is that my webmail does not auth anymore — Remo
> On Saturday, Jan 11, 2020 at 09:44, Remo Mattei <r...@mattei.org > (mailto:r...@mattei.org)> wrote: > looks like the new opitons is > auth_ssl_require_client_cert = yes > > > — > Remo > > > On Saturday, Jan 11, 2020 at 09:35, <qmailtoas...@dukat.dk > > (mailto:qmailtoas...@dukat.dk)> wrote: > > I tryed Google an got to this page: > > > > https://serverfault.com/questions/639837/openssl-s-client-shows-alert-certificate-unknown-but-all-server-certificates-app > > > > " > > In my case > > > > error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate > > unknown:s3_pkt.c:1260:SSL alert number 46 > > > > was solved by adding > > > > ssl_verify_client_cert = yes > > > > in /etc/dovecot/dovecot.conf. > > " > > > > Allan Dukat > > > > > > On 2020-01-11 16:50, Eric Broch wrote: > > > can you try debugging: > > > > > > user='myu...@mydomain.tld' > > > pass='mypasswd' > > > bash -c 'echo a login '"$user $pass"'; while read x; do echo "$x"; > > > done' > > > | openssl s_client -crlf -connect mail.mydomain.com:993 > > > -CAfile /var/qmail/control/servercert.pem > > > -cert /var/qmail/control/servercert.pem > > > -key /var/qmail/control/servercert.pem > > > -debug > > > > > > On 1/11/2020 8:27 AM, Remo Mattei wrote: > > > > > > > Yes here is the config > > > > > > > > auth_mechanisms = plain login digest-md5 cram-md5 > > > > auth_username_format = %Lu > > > > first_valid_uid = 89 > > > > first_valid_gid = 89 > > > > log_path = /var/log/dovecot.log > > > > login_greeting = IMAP server . > > > > mail_plugins = $mail_plugins quota > > > > plugin/quota = maildir > > > > protocols = imap pop3 > > > > disable_plaintext_auth = no > > > > ssl=yes > > > > ssl_cert = </var/qmail/control/mail_validcert_com.crt > > > > ssl_key = </var/qmail/control/mail_validcert_com.pem > > > > mail_location = maildir:~/Maildir > > > > > > > > and I have this working on a diff server > > > > > > > > — > > > > Remo > > > > > > > > On Saturday, Jan 11, 2020 at 07:15, Charles Hockenbarger > > > > <chash...@gmail.com> wrote: > > > > > > > > Are you sure the cert location is defined correctly? > > > > > > > > Get TypeApp for Android [1] > > > > On Jan 11, 2020, at 9:05 AM, Remo Mattei <r...@mattei.org> wrote: > > > > > > > > :34 imap-login: Info: Disconnected (no auth attempts in 0 secs): > > > > user=<>, rip=52.125.128.94, lip=xxxxx, TLS handshaking: SSL_accept() > > > > failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert > > > > certificate unknown: SSL alert number 46, session=<Aibbi96boqY0fYBe> > > > > > > > > Jan 11 08:03 > > > > > > > > I am getting this any suggestions from anyone? > > > > > > > > — > > > > Remo > > > > > > > > > Links: > > > ------ > > > [1] http://www.typeapp.com/r?b=15723 > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > >