[Dovecot] Dovecot ok for port 110, but not for SSL (beginner asking)

Ben Morrow ben at morrow.me.uk
Thu Nov 8 21:16:51 EET 2012


At 11PM -0800 on  7/11/12 you (ycc_Swe) wrote:
> 
> I still have the same problem. When I set ssl parameter to yes/required I
> can still not connect to port 995.
> This time I set ssl=verbose. This is what the log shows when I try to
> connect with ssl.
>
<snip>
> Nov  8 08:42:25 deb7 dovecot: pop3-login: Warning: SSL: where=0x2002,
> ret=-1: SSLv3 read client certificate A [12.12.12.7]

Are you trying to authenticate with a client certificate, or with
user/password under SSL? Using a client certificate requires more
configuration than you have used.

Does your dovecot machine have a proper publically-signed SSL
certificate, or are you using a self-signed cert? If you're using a
self-signed cert you'll probably find third-pary systems (like the
website you're using for testing) won't accept it, and will disconnect
immediately.

Can you connect with 'openssl s_client' and log in manually, as you did
with telnet before? Can you connect to port 110 and upgrade to SSL with
'STLS' (s_client will try this for you if you pass -starttls pop3)?

Ben




More information about the dovecot mailing list