Salatiel Filho
2021-Nov-12 21:19 UTC
2.3.17 update breaks dsync over tcps: Received invalid SSL certificate unable to get certificate CRL
Hi, I have updated dovecot from 2.3.16 (working flawless ) to 2.3.17 ( both Centos8 - community repo ) . Now dsync does not work anymore, logs shows: dovecot[30398]: doveadm(vmail): Error: Disconnected from remote: Received invalid SSL certificate: unable to get certificate CRL: /CN=imap.signed.with.my.own.ca(check ssl_client_ca_* settings?) I have a certificate signed by my "own CA". Both hosts trust my CA, and as I told previously, the configuration works just fine on 2.3.16. I really was not expecting that a minor update would break things, but 2.3.17 appears to have broken the setup for some people here in the maillists. Is there a workaround for this? I have tried to set ssl_require_crl no , but nothing changed. I have: service doveadm { inet_listener { port = 26 ssl = yes } } ssl = required ssl_ca = </etc/ssl/certs/mail-cluster-communication_ca.pem ssl_cert = </etc/ssl/certs/mail-cluster-communication.crt ssl_key = # hidden, use -P to show it Thanks! Atenciosamente/Kind regards, Salatiel