[Dovecot] SSL Certificate Anomalies with latest code changes

Thomas Leuxner tlx at leuxner.net
Thu Apr 12 11:16:45 EEST 2012


On Thu, Apr 12, 2012 at 10:43:22AM +0300, Timo Sirainen wrote:
> What kind of a certificate do you have? You have an intermediary cert that exists only in ssl_ca file? I couldn't reproduce this with a test. But anyway, reverted for now: http://hg.dovecot.org/dovecot-2.1/rev/f80f18d0ffa3
> 

Thawte. They only do intermediates for some time now.

$ openssl x509 -in /etc/ssl/certs/spectre_leuxner_net_2011.crt -noout -subject -issuer -dates
subject= /O=spectre.leuxner.net/OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte
SSL123 certificate/OU=Domain Validated/CN=spectre.leuxner.net
issuer= /C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA
notBefore=May 16 00:00:00 2011 GMT
notAfter=Jun 14 23:59:59 2012 GMT

[...]

ssl_ca = </etc/ssl/certs/SSL123_CA_Bundle.pem
ssl_cert = </etc/ssl/certs/spectre_leuxner_net_2011.crt
ssl_key = </etc/ssl/private/spectre_leuxner_net_2011.key
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120412/3e172472/attachment-0004.bin>


More information about the dovecot mailing list