Hi Laura,
On 25.01.22 11:48, Laura Smith wrote:
Thanks for your suggestion, I have a couple of questions about it though. > First, my understanding from the docs was that ssl_client_ca_* were override parameters and that in the absence of the parameters, Dovecot would default to using OpenSSL defaults ? (And building on that, as per my manual tests, you can see OpenSSL returns an "OK" on the validation).
To be honest: I dont have a setup like yours to test it. I just remembered a mail from Aki in which he mentioned this part of the documentation and so I thought that
ssl_ca = </etc/ssl/certs/ca-certificates.crt
is worth a try.
Second, I'm dealing with standard Let's Encrypt certs here, no private PKI certs here.
Yes, I know. And it seems, that all is fine with them.
Regards, Markus