[Dovecot] problems with imaps

Daniel Luttermann daniel at dlutt.de
Fri Feb 22 18:02:47 EET 2013


On 2013-02-22, Matthias Leopold wrote:

> with thunderbird 10.0.12 i can't connect to port 993 and get errors in
> the logs like

> TLS: SSL_read() failed: error:14094412:SSL 
> routines:SSL3_READ_BYTES:sslv3 alert bad certificate

> (certificate generated by dovecot mkcert.sh)

> or

> TLS: SSL_read() failed: error:14094418:SSL 
> routines:SSL3_READ_BYTES:tlsv1 alert unknown ca

> (certificate generated by own openssl cmdline)

Did you create a Root CA certificate? If not, I would prefer to create
your own CA and sign all certs with this Root CA certificate. You'll
have to import the created Root CA certificate in Thunderbird and/or
the Microsoft Certificate Store so that the applications can trust the
self signed certificates.

You could also use a free Certificate Authority like StartSSL but the
Root CA certificate must also be available in the certificate store of
the application (Thunderbird, MS, Opera...).

--
Daniel





More information about the dovecot mailing list