dovecot - Feb 2007 - SSL error is it due to a self certified certificate?

Hi I have set up dovecot with a self signed SSL certificate, created with
the mkcert.sh script.

Now I see the following in the log:

pop3-login: SSL_accept() failed: error:14094416:SSL
routines:SSL3_READ_BYTES:sslv3 alert certificate unknown [206.124.112.22]

pop3-login: Disconnected: rip=206.124.112.22, lip=204.3.153.71, TLS
handshake

Is this caused by my self certified certificates. Or is it another problem?

Thanks

Matthew

Matthew Bickerton wrote:
> Hi I have set up dovecot with a self signed SSL certificate, created with
> the mkcert.sh script.
> 
> Now I see the following in the log:
> 
> pop3-login: SSL_accept() failed: error:14094416:SSL
> routines:SSL3_READ_BYTES:sslv3 alert certificate unknown [206.124.112.22]
> 
> pop3-login: Disconnected: rip=206.124.112.22, lip=204.3.153.71, TLS
> handshake
> 
> Is this caused by my self certified certificates. Or is it another problem?
I doubt it.  I am using self-signed cert with no problem.  I use it with 
imaps and pop3s. Have you looked at the wiki regarding this?

http://wiki.dovecot.org/SSL

Mark

On Mon, 2007-02-05 at 00:19 +0000, Matthew Bickerton
wrote:
> pop3-login: SSL_accept() failed: error:14094416:SSL
> routines:SSL3_READ_BYTES:sslv3 alert certificate unknown [206.124.112.22]
> 
> pop3-login: Disconnected: rip=206.124.112.22, lip=204.3.153.71, TLS
> handshake
> 
> Is this caused by my self certified certificates. Or is it another problem?
That looks like the client is presenting a certificate that's unknown to
Dovecot. Have you changed ssl_verify_client_cert or
ssl_require_client_cert settings?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20070205/92c8a143/attachment.bin>