Received invalid SSL certificate: unable to get certificate CRL

Aki Tuomi aki.tuomi at open-xchange.com
Mon Jan 31 06:24:38 UTC 2022


> On 26/01/2022 11:19 Markus Winkler <ml at irmawi.de> wrote:
> 
>  
> Hi Laura,
> 
> On Wed, 26 Jan 2022 at 12:09:04AM +0000, Laura Smith wrote:
> >‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> >>
> >> I thought that
> >>
> >> ssl_ca = </etc/ssl/certs/ca-certificates.crt
> >>
> >> is worth a try.
> >
> >
> >Does ssl_ca even apply to dsync/imapc ?
> 
> as I wrote: I cannot test your scenario and the link to the documentation I sent was only a rough idea.
> 
> >Looking at the docs its all about client certificate authentication ? Something which does not apply to my environment, and even if it did, it 
> >would not apply to dsync/imapc because I am initiating the connection, not the remote end ?
> 
> In my understanding this parameter is not only about client certificate authentication. If you want, then please have a look at this:
> 
> https://doc.dovecot.org/settings/core/#core_setting-ssl_ca
> 
> [...]
> These CAs are also used by some processes for validating outgoing SSL connections, i.e. performing the same function as ssl_client_ca_file.
> [...]
> 
> And that's why I wrote: it's worth a try (it takes only two minutes to test it ...). IMHO of course. If you don't want to test it, OK. But I have 
> no further ideas, sorry.
> 
> Regards,
> Markus

Hi Laura, did you try this? Did it work? 

Aki


More information about the dovecot mailing list