[Dovecot] SSL issues on separate IPs - resolved
Tim Traver
tt-list at simplenet.com
Fri Dec 3 08:36:18 EET 2010
Timo (and others),
It turns out that we had a different set of chain and root ca certs from
godaddy than was required for the proper chain. It seemed to work for
apache, but failed for dovecot...
I really dislike godaddy...
thanks for the help,
Tim.
>> I guess I will go and make sure the chain and CA certs are the proper
>> ones from godaddy. I hate chain certs...
>
> Good plan. I had a similar problem getting fetchmail to connect to
> godaddy-cert'ed servers when the certificate chain verification failed
> because the CA root cert was not present on my client.
>
> To find it, I had to export from the Windows default certstore to get
> a copy. It did not identify itself very well, the OU was "ValiCert
> Class 2 Policy Validation Authority" but it appeared in the certmgr
> gui only as "http://www.valicert.com" (under 3rd party root certs).
> I believe the same one is in the Firefox certstore though, you can
> probably find it there.
>
>>
>> So, I guess I'm not sure if it is dovecot or not yet, although it is
>> kind of strange that nothing is written in the logs about the handshake
>> failing.
>>
>> Tim.
>>
>>
More information about the dovecot
mailing list