similar to: More about my SSL certificate problem

HotSlots Webmaster <webmaster at hotslots132.com> writes: > I have had Dovecot working fine with SSL for nearly two years now. It's > time to renew the SSL certificate, so I did (same CA). The new > certificate works fine in Apache and Postfix. But when I update Dovecot > to use the same certificate, and restart the server, Dovecot stops > responding to connects. > ...

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 07/08/2019 00:37 Joseph Tam via dovecot < <a href="mailto:dovecot@dovecot.org">dovecot@dovecot.org</a>> wrote: </div>

On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) Joseph Tam <jtam.home at gmail.com> wrote: > Michael Felt <michael at felt.demon.nl> writes: > > >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is > >> written in pure shell script, so no python dependencies. > >> https://github.com/Neilpang/acme.sh > > > > Thanks - I might

On Sat, 19 Aug 2017 21:39:18 -0400 KT Walrus <kevin at my.walr.us> wrote: > > On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> > > wrote: > > > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > > Joseph Tam <jtam.home at gmail.com> wrote: > > > >> Michael Felt <michael at felt.demon.nl> writes: >

I deleted the certificate already, but I think it only uses that for imap/dovecot. I don't think it actually stores one for smtps (or am I not talking sense here). Sent from my iPhone > On 10 Aug 2017, at 23:25, Joseph Tam <jtam.home at gmail.com> wrote: > > >> On Thu, 10 Aug 2017, Larry Rosenman wrote: >> >> Which mail client on iOS? > > Sorry,

Sent from my iPhone > On 14 Aug 2017, at 13:03, Alef Veld <alefveld at outlook.com> wrote: > > Hey Mike. > The iPhone and MacBook started working, but the two remaining iMacs still have problems. It's really weird. But if the first 2 are working it MUST be something local right? > > I removed the servers and re-added but no go. Maybe I'll need to remove the plist

On Sun, 20 Aug 2017 12:29:49 -0400 KT Walrus <kevin at my.walr.us> wrote: > > On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> > > wrote: > > > > On Sat, 19 Aug 2017 21:39:18 -0400 > > KT Walrus <kevin at my.walr.us> wrote: > > > >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at

Marco Marco writes writes: > I've bought a certificate from the authority for my website to use to > access in https mode. > > Is it possible to share the same pairs to authenticate the emails sent > by postfix and Dovecot in order to avoid that client as Hotmail.it or > Gmail intercept these as Spam? By "same pairs", I assume you mean key and certificate. Yes,

> Alpine still gives me a bad cert warning, saying I should either fix it > or disable checking. I haven't yet found a way to get Alpine to > discriminate between a valid self-signed cert and a bad one. Well, it can't discriminate since any certificate (except those in your trusted store) that asserts its own validity is suspect. You can either get alpine to not complain e.g.

Joseph Ward writes: > I'm aware of at least a couple of fallback options: > ??? -have a self-signed cert for replication and use the Let's Encrypt > one for IMAP/POP > ??? - create firewall rules allowing them to connect to each other over > the public internet so that it can validate the proper cert > ? > These are both much less palatable than simply disabling the

With PKIX validation the certificate should match the hostname. With SMTP, the hostname should match the reverse IP though often it does not. Using subdomains gives you flexibility. with DANE validation, it is DNSSEC that validates the fingerprint to the hostname so I do not believe there is a need for the hostname in the cert to match anything, but DANE validation is currently not used by

On Thu, 10 Aug 2017, Larry Rosenman wrote: > Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam <jtam.home at gmail.com>

Michael Felt <michael at felt.demon.nl> writes: >> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >> written in pure shell script, so no python dependencies. >> https://github.com/Neilpang/acme.sh > > Thanks - I might look at that, but as Ralph mentions in his reply - > Let's encrypt certs are only for three months - never ending circus.

Alef Veld writes: >> I'm wondering if there is any cache for a certificate or something, my >> maillog shows up something like 10 bytes read, -1. So it returns an >> error. I deleted the accounts and created them again, still no go. >> >> Anyone had anything similar before? On top of the usual mail set up problems (and it appears to be some SSL/STARTLS port

> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) > Joseph Tam <jtam.home at gmail.com> wrote: > >> Michael Felt <michael at felt.demon.nl> writes: >> >>>> I use acme.sh for all of my LetsEncrypt certs (web & mail), it is >>>> written in pure

On Mon, Jun 15, 2015 at 09:32:39AM -0400, Steve Matzura wrote: > What is the reasoning behind that `<' anyway? It just appears so odd > that a path should have that at its front. I would guess: - make it clearer it's a file and not a string - follow similar syntax as input redirection in sh/perl/.. B

> On Aug 20, 2017, at 11:52 AM, Stephan von Krawczynski <skraw at ithnet.com> wrote: > > On Sat, 19 Aug 2017 21:39:18 -0400 > KT Walrus <kevin at my.walr.us> wrote: > >>> On Aug 18, 2017, at 4:05 AM, Stephan von Krawczynski <skraw at ithnet.com> >>> wrote: >>> >>> On Fri, 18 Aug 2017 00:24:39 -0700 (PDT) >>> Joseph

> On December 5, 2016 at 9:55 PM Joseph Tam <jtam.home at gmail.com> wrote: > > > > Timo announced: > > > https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz > > https://dovecot.org/releases/2.2/dovecot-2.2.27.tar.gz.sig > > > > Note that the download URLs are now https with a certificate from Let's Encrypt. > > wget complained

Evolution prompted to accept the cert; which I did. Thunderbird used to prompt and allow acceptance; it no longer does... well sorta does. See my other posting for a screenshot where it shows "add server location https:// ...." HTTPS . no way to add from SMTP. Have also tried typing smtp://host:25 and https://host:25 On 4/30/20 5:39 PM, Joseph Tam wrote: > On Thu, 30 Apr 2020,

I'd considered doing it at the internal DNS server level which I wasn't a fan of because it's a separate server's config that I'd have to rely on to make sure this server was working.? The thought of the local hosts file slipped my mind.? That is a good idea; it meets my needs, and keeps everything in the same "create mail server" ansible file. Thank you! -Joseph