Timo (and others),
It turns out that we had a different set of chain and root ca certs from godaddy than was required for the proper chain. It seemed to work for apache, but failed for dovecot...
I really dislike godaddy...
thanks for the help,
Tim.
I guess I will go and make sure the chain and CA certs are the proper ones from godaddy. I hate chain certs...
Good plan. I had a similar problem getting fetchmail to connect to godaddy-cert'ed servers when the certificate chain verification failed because the CA root cert was not present on my client.
To find it, I had to export from the Windows default certstore to get a copy. It did not identify itself very well, the OU was "ValiCert Class 2 Policy Validation Authority" but it appeared in the certmgr gui only as "http://www.valicert.com" (under 3rd party root certs). I believe the same one is in the Firefox certstore though, you can probably find it there.
So, I guess I'm not sure if it is dovecot or not yet, although it is kind of strange that nothing is written in the logs about the handshake failing.
Tim.