Laura Smith
2022-Jan-26 00:09 UTC
Received invalid SSL certificate: unable to get certificate CRL
??????? Original Message ???????> > I thought that > > ssl_ca = </etc/ssl/certs/ca-certificates.crt > > is worth a try.Does ssl_ca even apply to dsync/imapc ? Looking at the docs its all about client certificate authentication ? Something which does not apply to my environment, and even if it did, it would not apply to dsync/imapc because I am initiating the connection, not the remote end ?
Markus Winkler
2022-Jan-26 09:19 UTC
Received invalid SSL certificate: unable to get certificate CRL
Hi Laura, On Wed, 26 Jan 2022 at 12:09:04AM +0000, Laura Smith wrote:>??????? Original Message ??????? >> >> I thought that >> >> ssl_ca = </etc/ssl/certs/ca-certificates.crt >> >> is worth a try. > > >Does ssl_ca even apply to dsync/imapc ?as I wrote: I cannot test your scenario and the link to the documentation I sent was only a rough idea.>Looking at the docs its all about client certificate authentication ? Something which does not apply to my environment, and even if it did, it >would not apply to dsync/imapc because I am initiating the connection, not the remote end ?In my understanding this parameter is not only about client certificate authentication. If you want, then please have a look at this: https://doc.dovecot.org/settings/core/#core_setting-ssl_ca [...] These CAs are also used by some processes for validating outgoing SSL connections, i.e. performing the same function as ssl_client_ca_file. [...] And that's why I wrote: it's worth a try (it takes only two minutes to test it ...). IMHO of course. If you don't want to test it, OK. But I have no further ideas, sorry. Regards, Markus