C. Andrews Lavarre writes:
> Presumably, as Joseph shows with his nc call, imap calls are to ServerName
mail.privustech.com.
No, nc is just a dumb tool -- it knows nothing about IMAP or SSL. You
didn't
even get to the SSL handshake. Your problem has nothing to do with the
interaction of client and server -- it's strictly a server problem.
> ssl = required
> ssl_cert = </etc/apache2/ssl.crt/mail.privustech.com_start.crt
> ssl_key = </etc/apache2/ssl.key/mailprivustech.key
> ssl_ca = </etc/apache2/ssl.crt/mailprivustech_root_bundle.crt
ssl_ca is not analogous to Apache's SSLCertificateChainFile. I believe
"ssl_ca"
is used to validate clients (i.e. mutual authentication).
You ought to concatenate your intermediate CA chain certificates and
your public key into ssl_cert.
See
http://wiki2.dovecot.org/SSL/DovecotConfiguration
Also, anything enlinghtening in the logs when ssl_verbose turned on?
Joseph Tam <jtam.home at gmail.com>