Re: Updated my Dovecot certificate for the first time

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 24 Nov 2016, Steve Litt wrote: On Thu, 24 Nov 2016 07:52:51 +0100 (CET) Steffen Kaiser wrote: On Wed, 23 Nov 2016, Steve Litt wrote: On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers

Re: Updated my Dovecot certificate for the first time

On Thu, 24 Nov 2016, Steve Litt wrote add the public part of the cert into your system's trusted CA store. Silly question, but how would you do that? You didn't say which OS you're running on (alpine runs on Windows as well), but I'll assume *nix. A previous poster showed you how to do it

Re: Updated my Dovecot certificate for the first time

What would be the use of a self signed cert that is not automatically checked? If you see a warning how can you be sure that the cryptographic key used is correct? Just manually checking the common name displayed lowers the security to almost zero. A big additional disadvantage is that one gets

Re: Updated my Dovecot certificate for the first time

Hi Steve, You could create your own private CA then sign your Dovecot certificate with the CA cert and alpine should then trust it. Best Regards Martin On 2016-11-24 15:37, Steve Litt wrote: On Thu, 24 Nov 2016 07:52:51 +0100 (CET) Steffen Kaiser wrote:

Re: Updated my Dovecot certificate for the first time

On 25/11/16 02:37, Steve Litt wrote: >> "sees the self-signed cert"? >> Did you've added it as trusted to the CA as Greg said and wrote what >> to do? > > No. I don't want to deal with a third party "Trusted Party": I want it > self-signed. What I was looking for was a way Alpine could be set

Re: Updated my Dovecot certificate for the first time

On Thu, 24 Nov 2016 07:52:51 +0100 (CET) Steffen Kaiser wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Wed, 23 Nov 2016, Steve Litt wrote: > > >On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers > > wrote: > >> $

Re: Updated my Dovecot certificate for the first time

On Nov 23, 2016, at 5:02 PM, Joseph Tam wrote: > add the public part of the cert into your system's trusted CA store. Silly question, but how would you do that?

Re: Updated my Dovecot certificate for the first time

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, 23 Nov 2016, Steve Litt wrote: On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers wrote: $ strings $(whence alpine) | grep '^/.*certs$' /etc/ssl/certs The directory or the certs isn't the problem. Alpine sees

Re: Updated my Dovecot certificate for the first time

Alpine still gives me a bad cert warning, saying I should either fix it or disable checking. I haven't yet found a way to get Alpine to discriminate between a valid self-signed cert and a bad one. Well, it can't discriminate since any certificate (except those in your trusted store) that

Re: Updated my Dovecot certificate for the first time

On mercredi, 23 novembre 2016 17.31:50 h CET Steve Litt wrote: > On Wed, 23 Nov 2016 16:04:22 -0600 (CST) > > Greg Rivers wrote: > > On Wed, 23 Nov 2016, Steve Litt wrote: > > > [snip] > > > > > > Alpine still gives me a bad cert warning, saying I should either > > >

Re: Updated my Dovecot certificate for the first time

On Wed, 23 Nov 2016 16:04:22 -0600 (CST) Greg Rivers wrote: > On Wed, 23 Nov 2016, Steve Litt wrote: > > [snip] > > > > Alpine still gives me a bad cert warning, saying I should either > > fix it or disable checking. I haven't yet found a way to get Alpine > > to

Re: Updated my Dovecot certificate for the first time

On Wed, 23 Nov 2016, Steve Litt wrote: [snip] Alpine still gives me a bad cert warning, saying I should either fix it or disable checking. I haven't yet found a way to get Alpine to discriminate between a valid self-signed cert and a bad one. Like a number of applications, alpine checks the

Updated my Dovecot certificate for the first time

Hi all, I've used Dovecot since February 2012, but because I kept reinstalling Linux with every major version, I never had a Dovecot self-signed certificate go bad on me before. Til now. I started using rolling release Void Linux about a year ago, and my Dovecot self-signed certificate just