[Dovecot] SSL stops working after server upgrade

"Ing. Daniel Rozsnyó" daniel at rozsnyo.com
Fri Sep 17 00:20:51 EEST 2010 

  Hello, after an upgrade of the dovecot server, I can not use SSL 
connections. Can you help me solving the issue? When googling for the 
error, there is an opinion that the client is broken (in my case 
Thunderbird, 3.1.3), but I rather see the issue in the server, because I 
was upgrading my gentoo box by hand, and the secure imap stopped to work 
after that.  Is there a more verbose SSL logging than the default 
verbose ssl = yes? It's output is attached below. Also, maybe only a 
configuration detail is missing, since with this version of dovecot, the 
configuration files were broken into several smaller files, but for my 
first look they contained the options I had used before.

Thanks.

Sep 16 23:12:25 [dovecot] master: Dovecot v2.0.2 starting up (core dumps 
disabled)
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x10, ret=1: 
before/accept initialization [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
before/accept initialization [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2002, 
ret=-1: SSLv2/v3 read client hello A [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
SSLv3 read client hello A [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
SSLv3 write server hello A [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
SSLv3 write certificate A [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
SSLv3 write key exchange A [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
SSLv3 write server done A [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2001, ret=1: 
SSLv3 flush data [192.168.77.202]
Sep 16 23:12:29 [dovecot] imap-login: Warning: SSL: where=0x2002, 
ret=-1: SSLv3 read client certificate A [192.168.77.202]
                 - Last output repeated twice -
Sep 16 23:12:30 [dovecot] imap-login: Warning: SSL alert: where=0x4004, 
ret=554: fatal bad certificate [192.168.77.202]
Sep 16 23:12:30 [dovecot] imap-login: Warning: SSL failed: where=0x2002: 
SSLv3 read client certificate A [192.168.77.202]
Sep 16 23:12:30 [dovecot] imap-login: Disconnected (no auth attempts): 
rip=192.168.77.202, lip=192.168.77.201, mpid=0, TLS handshaking: 
SSL_accept() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 
alert bad certificate: SSL alert number 42

More information about the dovecot mailing list