Adding ssl_client_ca_dir solved my problem. Now I can connect to the IMAP server. Thanks.

pon., 23 lip 2018 o 13:53 Aki Tuomi <aki.tuomi@dovecot.fi> napisał(a):

Hi!

You need to add a ssl_client_ca_* setting even if you don't want the imapc to verify the remote cert. I'll have to look into why this has been made a requirement in the code, since it has to do what with how we do OpenSSL initialization.

Aki

On 21.07.2018 12:59, Andrzej Polatyński wrote:
Hi,

I'm trying to migrate from an old courier IMAP server to Dovecot 2.3.1 (8e2f634). The old server uses self signed SSL certificate.

I'm using the following configuration:

imapc_host = 10.1.1.3
imapc_user = %u
imapc_features = rfc822.size fetch-headers
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
mail_prefetch_count = 20
mail_shared_explicit_inbox = no

Launching dsync with the command:

doveadm -o mail_fsync=never -o imapc_password=PASSWORD -Dv backup -R -u USER@DOMAIN imapc:

In the output logs I get messages like below:

dsync(USER@DOMAIN): Error: imapc(10.1.1.3:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
dsync(USER@DOMAIN): Debug: imapc(10.1.1.3:993): Created new connection
dsync(USER@DOMAIN): Debug: imapc(10.1.1.3:993): Looking up IP address (reconnect_ok=true, last_connect=1532016643)
dsync(USER@DOMAIN): Debug: imapc(10.1.1.3:993): Connecting to 10.1.1.3:993
dsync(USER@DOMAIN): Info: imapc(10.1.1.3:993): Connected to 10.1.1.3:993 (local 172.17.0.5:51972)
dsync(USER@DOMAIN): Error: imapc(10.1.1.3:993): No SSL context
dsync(USER@DOMAIN): Debug: imapc(10.1.1.3:993): Disconnected
Am I missing some configuration parameters?


-- 
Regards,
Andrew



--
Pozdrawiam,
Andrzej