After some experimenting with:

(a) The Thunderbird client

(b) The Linux command as client:

% openssl s_client -connect dovecot-server:imaps

I have arrived to a preliminary conclusion. The error that I am getting is this:

dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42

It seems that the server certificate from the box is fine. I am guessing that the problem is that Dovecot asks for an SSL certificate that the Thunderbird client is not prepared to produce. I don't believe Thunderbird provides such capability (??).

If that is the case, how do I configure Dovecot to not ask for a client certificate?

Thanks,

Raymond

ps: If I am correct, the error message would be more informative as follows: "ssl3_read_bytes:sslv3 alert bad client certificate".

The E-mail client is Thunderbird on Windows.

I am preparing a new server, with Dovecot 2.2.36 and would like to know the currently recommended protocols. Should I stick to what I have? I would prefer to start with the easiest configuration possible, which I will revise later.

This is the command that I have been using to verify the server's functionality:

TIA