Hello, I'm running Qpopper 4.0.3 with openssl on 2 Ports (Starttls on Port 110 and alternate-port 995). Our certificate hierarchy has three levels: root ca - local ca - server cert. In the file referenced by tls-server-cert-file in the qpopper-config only the first certificate will be taken and only if the common name (server PTR) matches. If we place the local ca cert in first and server cert in second position the qpopper will reject connections , visa versa it will not hand out the local ca cert to the client (Eudora 5.1) which only knows the root ca cert -> so the cert chain cannot be closed and is not trusted -> the client rejects to do the password authentication. We do not want our users to accept the server cert but only have the root ca cert which is delivered within the <eudora bin>/rootcerts.p7b file. Has anyone experienced this or similar problems? Best regards Iris ---------------------------------------------------- Iris Mayer Rechenzentrum der Universitaet Mannheim / Internet-Dienste email: [EMAIL PROTECTED] Tel: ++49 621 181 3196 (Mo-Do 8-13 h) Fax: ++49 621 181 3198
