Hi Laura,
On Mon, 24 Jan 2022 at 08:25:12PM +0000, Laura Smith wrote:
I'm having a frustrating problem trying to use "doveadm sync" to pull mails off a server for migration purposes.
# 2.3.17.1 (476cd46418): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.17.1 (a1a0b892) # OS: Linux 5.10.0-11-amd64 x86_64 Debian 11.2
I have tried both explicit "ssl_client_ca_dir = /etc/ssl/certs" and commenting it out (i.e. relying on OpenSSL default per the docs)
I always get the same: Info: Received invalid SSL certificate: unable to get issuer certificate: /C=US/O=Internet Security Research Group/CN=ISRG Root X1 (check ssl_client_ca_* se ttings?)
just an idea, but maybe that's the problem?:
https://doc.dovecot.org/configuration_manual/authentication/proxies/
"Note ssl_client_ca_dir or ssl_client_ca_file aren’t currently used for verifying the remote certificate, although ideally they will be in a future Dovecot version. For now you need to add the trusted remote certificates to ssl_ca."
Regards, Markus