Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Mon Mar 20 14:30:48 EET 2017


Hi!

I upgraded the 2.2 packages today (from 2:2.2.28-1~auto+5 to 2:2.2.28-1~auto+8) I now I'm getting an error:

Mar 20 13:25:58 mproxy dovecot: auth: Error: imapc(email.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)

I checked, and alas, I had

ssl_client_ca_dir = 
ssl_client_ca_file =

So I set:

ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt

But I'm still getting the error above.

I addition, dovecot is crashing with SIGSEGV:

Mar 20 13:28:23 mproxy dovecot: auth: Error: imapc(email.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
Mar 20 13:28:23 mproxy dovecot: auth: Error: imapc(email.charite.de:993): No SSL context
Mar 20 13:28:23 mproxy dovecot: auth: Error: imap(la***sch,87.77.180.61): Disconnected from server
Mar 20 13:28:23 mproxy postfix/submission/smtpd[32682]: warning: zb43d.pia.fu-berlin.de[87.77.180.61]: SASL PLAIN authentication failed: Connection lost to authentication server
Mar 20 13:28:23 mproxy dovecot: auth: Fatal: master: service(auth): child 32685 killed with signal 11 (core dumped)

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt at charite.de | http://www.charite.de
	    


More information about the dovecot mailing list