On Thu, 31 Jan 2008 15:25:47 +0200 Timo Sirainen tss@iki.fi wrote:
On Thu, 2008-01-31 at 13:48 +0100, Bjørn T Johansen wrote:
I have now tried every combination I can think of but my mail client still tells me..:
"Certificate for hostname is unknown. "
and
"Signature status: unable to get local issuer certificate."
I am trying to install a GoDaddy certificate and I have my public cert and then GoDaddys intermediate certificate in my crt file, which I think is how it is supposed to be but I still get this...
What am I doing wrong?
As far as I know the only thing that matters is the certificate order in the file. Maybe checking with "openssl s_client -connect host:993" shows something useful?
I think I have found the problem... It is libetpan and GnuTLS that apparently can't build the cert chain properly... I just tried using Thunderbird and the certificate was accepted without any problems... :(
But this reminds me anyway: Are the certificates GoDaddy offers still using intermediate certs? I was thinking about buying one of those $22/year ones for dovecot.org. Although I don't think I really need one right now. :)
Yes, still intermedia certs...
BTJ