dovecot 2.3.x, ECC and wildcard certificates, any issues

Aki Tuomi aki.tuomi at dovecot.fi
Mon Jul 30 19:38:25 EEST 2018


> On 30 July 2018 at 19:16 David Mehler <dave.mehler at gmail.com> wrote:
> 
> 
> Hello,
> 
> Does dovecot 2.3.x have any issues recognizing or using certificates
> that are ECC and wildcard? I'm trying to switch my letsencrypt
> implementation from acme-client which does not support either of those
> capabilities to acme.sh which does. Since then external clients
> checking their email has not worked. A manual telnet to
> mail.example.com 993 gives a connected message but then nothing no
> greeting or capabilities.
> 
> The certificate is for example.com with an alt name of *.example.com
> if that's not right let me know, i'm not sure about that one,
> connecting to the web sites of these pages seems noticeably slower,
> I'm wondering if both of these issues aren't key related?
> 
> Thanks.
> Dave.

These both should be fine.

Port 993 is TLS encrypted, you should use openssl s_client -connect server:993

Aki


More information about the dovecot mailing list