Hello,
I added ca_file to the server section. I do not want clients to present certificates, so I did not create the ssl client section you proposed.
Any other suggestion?
I still cannot imagine what could be the cause.
Thanks
Marek
Odoslané pomocou bezpečného emailu Proton Mail.
štvrtok 20. novembra 2025, 16:13, pgnd <pgnd@dev-mail.net> napísal/a:
after upgrading from Fedora 42 to Fedora 43 the dovecot got upgraded to version 2.4.
imo, a sloppy choice on their part, forcing the need to significantly change imap config at the same time as an OS upgrade, and 'breaking imap' for lots of folks.
Should the authority certificate be configured somewhere in dovecot?
start with a thorough read of
https://doc.dovecot.org/2.4.2/core/config/ssl.html
if using self-signed certs, you'll end up with something similar to
ssl = required ... ssl_server { ca_file = /path/to/your_CA.crt.pem cert_file = /path/to/your_domain.server.ec.crt.pem key_file = /path/to/your_domain.server.ec.key.pem ... } ssl_client { ca_file = /path/to/your_CA.crt.pem cert_file = /path/to/your_domain.client.ec.crt.pem key_file = /path/to/your_domain.client.ec.key.pem ... }