[Dovecot] Dovecot SSL issues

29 Jan 2010

      Hello all,
successfully managed to make dovecot work with horde (http://www.horde.org)
and another MTA (SMTP/POP3).
I have this nagging issue with dovecot though (I suspect - it's dovecot and
not the rest of the packages, please read on):
There is this special page one goes, that check if everything is ok with
all the relevant software running along Horde. It's a php file called
"test.php".
Now, this file shows almost everything that happens in the box. Here's a
transcript of what shows when it comes to dovecot and SSL :

* Trying protocol imap/ssl, Port 993:

      ERROR - The server returned the following error message:

      SECURITY PROBLEM: insecure server advertised AUTH=PLAINCertificate failure for localhost: self signed certificate:
      /C=GR/ST=Kerkyra/L=Kerkyra/O=The Company Name/OU=IMAP
      server/CN=webmail.thecompanyname.gr/emailAddress=postmaster@webmail.thecompanyname.gr

From what I understand, it doesn't like the certificate.
However, I've followed a howto document step-by-step and did what
is documented.
Does anyone have any pointers on how to make secure imap for dovecot ?
E.G. on ThunderBird, the settings are the following :
Tools -> Account Settings -> Server Settings :
Server Name : (the server or its ip address)
Username : (the username)
Port : (I've manually entered "993", because by default goes to "143")
Security Settings ->
Connection Security : SSL/TLS (again manually entered)
CHECK_ON : Use secure authentication
Now, if I click on "Get Mail" button on top of the TB window, I get a
pop-up window with the following message :

Server :
Location : :993
Certificate Status :
This site attempts to identify itself with invalid information.
Wrong Site :
Certificate belongs to a different site, which could indicate an
identity theft.
Unknown Identity :
Certificate is not trusted, because it hasn't been verified by a
recognized authority.
After that, the users accepts the above by pressing ok twice. However,
there's a third pop-up window with a message shown below :

You cannot log in to  because you have enabled
secure authentication and this serer does not support it.
To log in, turn off secure authentication for this account.
Any help would be appreciated..
Thank you all for your patience,
S. Tsiolis

Spyros Tsiolis

Unknown Identity : Certificate is not trusted, because it hasn't been verified by a recognized authority.

You cannot log in to because you have enabled secure authentication and this serer does not support it. To log in, turn off secure authentication for this account.

Tom Hendrikx

Unknown Identity : Certificate is not trusted, because it hasn't been verified by a recognized authority.

You cannot log in to because you have enabled secure authentication and this serer does not support it. To log in, turn off secure authentication for this account.

Eric Rostetter

tags

participants (3)