[Dovecot] chained ssl cert not working

Timo Sirainen tss at iki.fi
Thu Jan 26 23:16:29 EET 2006


On Tue, 2006-01-24 at 21:10 -0800, harryp at dmsnev.com wrote:
> I am running a production server with 40 pop3 users using dovecot 0.99.14.
> I am trying to get a chained certificate installed that I purchased
> through godaddy.com. I need some clarification on how to do this. I found
> some really vague instructions on the dovecot wiki
> http://wiki.dovecot.org/ChainedSSLCertificates?highlight=%28chained%29
> Unfortunately these instructions are very confusing for me. 

Well, I'm not sure how to say it much clearer. And I haven't tried it
myself either, but it should be done in Dovecot the same way as it's
done with every other server using OpenSSL. You could try to look up the
same instructions for eg. Apache, Postfix, or whatever server.

But as far as I know, it should work just by putting all the
certificates in the chain into a single file, and pointing Dovecot to
read that file as the certificate. So the cert file would be something
like:

-----BEGIN CERTIFICATE-----
first cert
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
second cert
-----END CERTIFICATE-----

Hmm. I agree that the example names in the Wiki page can be a bit
difficult to understand, unless you know what they mean. I'd guess it
means there that Globalsign partners has signed TDC's CA certificate,
which has signed TDC SSL Server CA's certificate, which has signed Local
server public certificate.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20060126/70fbc246/attachment.pgp


More information about the dovecot mailing list