So, at wits end. Have gone back to plain text for pop3. I set up the ssl as per instructions but I always get a 'chain' error first time trying to receive mail with my mail client. Comes down I believe to the need to get a CA for dovecot's pem files or I will always get an error. Now I am thinking since I am self signing my own mail I should be able to make that intermediate crt file for dovecot....but have no idea the name or process for that one. I am not gonna pay 30 dollars to get a signed cert for my own mail, nor do I want to keep getting that error when my mail client opens up. So...anyone ever do a self signed cert with dovecot and went ssl pop3s? Millions of posts out there but no one has an answer. bummed
Bob Hoffman wrote:> So, at wits end. Have gone back to plain text for pop3. > > I set up the ssl as per instructions but I always get a 'chain' error first > time trying to receive mail with my mail client. > > Comes down I believe to the need to get a CA for dovecot's pem files or I > will always get an error. > > Now I am thinking since I am self signing my own mail I should be able to > make that intermediate crt file for dovecot....but have no idea the name or > process for that one. > > I am not gonna pay 30 dollars to get a signed cert for my own mail, nor do I > want to keep getting that error when my mail client opens up. > > > So...anyone ever do a self signed cert with dovecot and went ssl pop3s? > Millions of posts out there but no one has an answer. > > > bummed >Did you try any of the advice you received when you asked a month ago? http://lists.centos.org/pipermail/centos/2009-June/078273.html
On Fri, 24 Jul 2009, Bob Hoffman wrote:> So, at wits end. Have gone back to plain text for pop3. > > I set up the ssl as per instructions but I always get a 'chain' > error first time trying to receive mail with my mail client. > > Comes down I believe to the need to get a CA for dovecot's pem files > or I will always get an error.You've got to tell your mail client to trust either the dovecot certificate or the CA cert that signed it. The procedure for doing so varies with your mail client. The message you sent to the list came from Outlook. Is that the client you typically use? -- Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/