Darryl Baker writes:
I am running a small email site which I am moving from uw-imapd and Solaris to Ubuntu and Dovecot imaps and pop3s. I am trying to use a self-signed certificate for this site. I am using Thunderbird as the test client. I've tried both the pre-built snakeoil certificate and building a special one for dovecot. In /var/log/mail.err I keep getting what I am interpreting as a missing CA cert. The message is:
dovecot: imap-login: Error: SSL: Stacked error: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca: SSL alert number 48
The certificate was created by:
openssl req -new -x509 -days 365 -nodes -out /etc/ssl/certs/dovecot.pem -keyout /etc/ssl/private/dovecot.pem
Are you using this as a server certificate or as a client certificate? Please output your dovecot's configuration, esp. your SSL setup.
doveconf -n | grep ssl
Joseph Tam <jtam.home@gmail.com>