[Dovecot] Dovecot SSL issues
Spyros Tsiolis
stsiol at yahoo.co.uk
Fri Jan 29 13:12:10 EET 2010
Hello all,
successfully managed to make dovecot work with horde (http://www.horde.org)
and another MTA (SMTP/POP3).
I have this nagging issue with dovecot though (I suspect - it's dovecot and
not the rest of the packages, please read on):
There is this special page one goes, that check if everything is ok with
all the relevant software running along Horde. It's a php file called
"test.php".
Now, this file shows almost everything that happens in the box. Here's a
transcript of what shows when it comes to dovecot and SSL :
---------------------------
* Trying protocol imap/ssl, Port 993:
ERROR - The server returned the following error message:
SECURITY PROBLEM: insecure server advertised AUTH=PLAINCertificate failure for localhost: self signed certificate:
/C=GR/ST=Kerkyra/L=Kerkyra/O=The Company Name/OU=IMAP
server/CN=webmail.thecompanyname.gr/emailAddress=postmaster at webmail.thecompanyname.gr
---------------------------
From what I understand, it doesn't like the certificate.
However, I've followed a howto document step-by-step and did what
is documented.
Does anyone have any pointers on how to make secure imap for dovecot ?
E.G. on ThunderBird, the settings are the following :
Tools -> Account Settings -> Server Settings :
Server Name : (the server or its ip address)
Username : (the username)
Port : (I've manually entered "993", because by default goes to "143")
Security Settings ->
Connection Security : SSL/TLS (again manually entered)
CHECK_ON : Use secure authentication
Now, if I click on "Get Mail" button on top of the TB window, I get a
pop-up window with the following message :
------
Server :
Location : <Servers' IP Address>:993
Certificate Status :
This site attempts to identify itself with invalid information.
Wrong Site :
Certificate belongs to a different site, which could indicate an
identity theft.
Unknown Identity :
Certificate is not trusted, because it hasn't been verified by a
recognized authority.
------
After that, the users accepts the above by pressing ok twice. However,
there's a third pop-up window with a message shown below :
------
You cannot log in to <servers' ip address> because you have enabled
secure authentication and this serer does not support it.
To log in, turn off secure authentication for this account.
------
Any help would be appreciated..
Thank you all for your patience,
S. Tsiolis
More information about the dovecot
mailing list