[Dovecot] SSL cert problem

Professa Dementia professa at dementianati.com
Thu Jul 11 23:18:59 EEST 2013

On 7/11/2013 11:47 AM, Peter von Nostrand wrote:
> Hi,
> I'm running a new dovecot 2.0.9 under Centos 6.4. I'm having an issue with
> SSL certificate not being accepted by the email client.
> I have my own CA and I have generated certificates for web usage without a
> problem.
> For imaps and pop3s what I did was generate a certificate for the hostname
> of my dovecot server and then cat that cert with the intermediate and root
> CA certificates. No matter what thunderbird still complains with Unknown
> identity.

If you have access to a Unix / Linux system, you can use openssl with
the s_client command to connect to your mail server, much as you would
have done with telnet in the old days.  openssl shows all of the key
exchange in detail and should be more than enough for you to be able to
debug your problem.  Compare fingerprints of the keys you have stored
with those being sent to/from the server.


openssl s_client -connect mail.mydomain.com:995


More information about the dovecot mailing list