-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thu, 18 Feb 2010, Arne K. Haaje wrote:
I'm using the same certificate for dovecot and https. My settings in dovecot.conf are;
ssl_cert_file = /etc/ssl/certs/hostname.pem ssl_key_file = /etc/ssl/private/hostname.key
This part from the user guide is very important if you received a "bundle / chain" of CA certificates from Verisign;
Chained SSL certificates
Put all the certificates in the ssl_cert_file file. For example when using a certificate signed by TDC the correct order is:
- Dovecot's public certificate
- TDC SSL Server CA
- TDC Internet Root CA
- Globalsign Partners CA
Do I assume that the Verisign CA's root cert is part ofThunderbird by default? Otherwise you would need to add the root cert manually.
Also, I have explicitly set the CA file in Dovecot: ssl_ca_file =
Regards,
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS31Jmr+Vh58GPL/cAQJfBwf9Fg6ItLJxj09RHCY/dp9nIMiAGsDEHGsQ kS6p7iyOZSfxGPJcovTHU85lgZqF2VUWWhgpTfVp2xAm1XoNTDYz5sdErWkckBmf iqWYkQl8kYChl3lQLcJMrN4Fv2t6Cp+IkaKaMVa7bo5pAX0byq2DatGfWSiUvrk3 BEOEoTrFz2DAk27TnzLNWuQ1CtyHlxDDjFSOJH1g1HoCeit6f4Vyc7p1llCV6P1r 6/IOcdLByeX/m38FJiP1/rhpv8O1zEfyGJuY0oL1nSF62wosMLXzZUkYwK6IN7cm CytCyodEloKQhu0XzFHA0EJQ2eXWLsp8sCVt0GTymQaTURazgQ9aoQ== =7FhN -----END PGP SIGNATURE-----