Separate subject, but couldn't help but notice, SSL3 is being used?
Wasn't SSL3 retired because of POODLE exploits? Can someone more  knowledgeable confirm?

On 9/7/21 11:05, Steve Dondley wrote:

On 2021-09-07 01:25 PM, Amol Kulkarni wrote:

Hello,
 
After I replaced my certificate with a new one yesterday, I'm seeing some ssl related errors. There are successful pop/imap logins using SSL also. So I think the certificate in itself is fine. No user has complained as yet, so I don't know for sure. However the count of errors has surely increased after installing the new certificate.
There are 2 errors seen :
dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=, lip
=, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown: SSL alert number 46, session=<9m0AnVnL
2pHf4hso>


dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=, lip
=, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42, session=<ww/b6VfLmeR7yTog>
 
Kindly help with some pointers. 
 
Thanks and Regards,
Amol

I assume you tried restarting dovecot, but just in case...