Displaying 3 results from an estimated 3 matches for "x509cafile".
2017 Jul 07
5
STARTTLS issue with sieve
Hi all,
I am currently struggling with an odd sieve/Pigeonhole issue. Some weeks
ago I had to replace our dovecot certificate due to expiration. In the
past I did use a self-signed certificate, but because we now have a
little openssl based CA I have decided to create signed certificate for
imaps. Dovecot is happily accepting the new certificate which has
integrated the whole cert-chain.
2017 Jul 08
0
STARTTLS issue with sieve
...ificate with:
>
> openssl verify -verbose -CAfile /etc/ssl/certs/ca-chain.cert.pem
> /etc/ssl/certs/mail.novanetwork.local.cert.pem
> /etc/ssl/certs/mail.novanetwork.local.cert.pem: OK
How do you know that gnutls-cli uses the same CA file? Try passing the
CA file to gnutls-cli?
The --x509cafile seems to be hardcoded in /usr/lib/x86_64-linux-gnu/libgnutls.so.30 (Debian9, amd64)
$ strings /usr/lib/x86_64-linux-gnu/libgnutls.so.30 | grep '/etc/ssl'
/etc/ssl/certs/ca-certificates.crt
So, on my system gnutls-cli seems to use the same CA store
(/etc/ssl/certs) as openssl.
Best re...
2017 Jul 10
2
STARTTLS issue with sieve
...verify -verbose -CAfile /etc/ssl/certs/ca-chain.cert.pem
>> /etc/ssl/certs/mail.novanetwork.local.cert.pem
>> /etc/ssl/certs/mail.novanetwork.local.cert.pem: OK
>
> How do you know that gnutls-cli uses the same CA file? Try passing the
> CA file to gnutls-cli?
>
> The --x509cafile seems to be hardcoded in /usr/lib/x86_64-linux-gnu/libgnutls.so.30 (Debian9, amd64)
>
> $ strings /usr/lib/x86_64-linux-gnu/libgnutls.so.30 | grep '/etc/ssl'
> /etc/ssl/certs/ca-certificates.crt
>
> So, on my system gnutls-cli seems to use the same CA store
> (/etc/ssl/c...