similar to: is a self signed certificate always invalid the first time?

Displaying 20 results from an estimated 10000 matches similar to: "is a self signed certificate always invalid the first time?"

2017 Aug 10
8
is a self signed certificate always invalid the first time?
On Wed, 9 Aug 2017 08:39:30 -0700 Gregory Sloop <gregs at sloop.net> wrote: > AV> So i?m using dovecot, and i created a self signed certificate > AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches > AV> my mail server. > > AV> The first time it connects in mac mail however, it says the > AV> certificate is invalid and another
2017 Aug 10
4
is a self signed certificate always invalid the first time?
> On 10 August 2017, at 04:37, Alef Veld <alefveld at outlook.com> wrote: > > I completely agree (having said that I'm pretty new to all this so I might be full of it). > > You should run your own CA if you have an active financial interest in your company (say your the owner). No added benefit to have your certificate certified by a third party, why would they care
2017 Aug 09
3
is a self signed certificate always invalid the first time?
Thanks Ralph, i?ll look into that. I think let?s encrypt uses certbot though and it can?t do email certificates (although i?m sure i can convert the cert i get from let?s encrypt, i?ll look into it. > On 9 Aug 2017, at 16:40, Ralph Seichter <m16+dovecot at monksofcool.net> wrote: > > On 09.08.2017 17:20, Alef Veld wrote: > >> So i?m using dovecot, and i created a self
2017 Aug 10
0
is a self signed certificate always invalid the first time?
I completely agree (having said that I'm pretty new to all this so I might be full of it). You should run your own CA if you have an active financial interest in your company (say your the owner). No added benefit to have your certificate certified by a third party, why would they care about that one client). Ofcourse people would say "but ofcourse you would verify your own
2017 Aug 10
0
is a self signed certificate always invalid the first time?
SvK> On Wed, 9 Aug 2017 08:39:30 -0700 SvK> Gregory Sloop <gregs at sloop.net> wrote: >> AV> So i?m using dovecot, and i created a self signed certificate >> AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches >> AV> my mail server. >> AV> The first time it connects in mac mail however, it says the >> AV>
2017 Aug 10
0
is a self signed certificate always invalid the first time?
I can't see any security advantages of a self signed cert. If the keypair is generated locally (which it should) a certificate signed by an external CA can't be worse just by the additional signature of the external CA. Better security can only be gained if all users are urged to remove all preinstalled trusted CAs from their mail clients (which seems impractical). Else an attacker could
2017 Aug 09
4
is a self signed certificate always invalid the first time?
Cheers Remko and Ralph. I think there was some mention in the lets encrypt FAQ that certbot doesn't do email. But I understand I can use their generated very for dovecot, postfix and https? That would be good indeed. Anyone know of any manual, or can I just replace the certs in the dovecot and postfix locations with theirs? Do dovecot, postfix and apache all support .pem format? Sent from
2017 Aug 09
0
is a self signed certificate always invalid the first time?
AV> So i?m using dovecot, and i created a self signed certificate AV> with mkcert.sh based on dovecot-openssl.cnf. The name in there matches my mail server. AV> The first time it connects in mac mail however, it says the AV> certificate is invalid and another server might pretend to be me etc. AV> I then have the option of trusting it. AV> Is this normal behaviour? Will it
2005 Feb 22
1
Problems with Dovecot and self-signed cert
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've recently set up a Red Hat Enterprise Linux 4 WS server, and decided to try using Dovecot as my IMAP server, as I was impressed with the dedication to security that seems to be the core development goal. I'm really happy with it, but I can't get it to work with a self-signed cert. Normally, on a RHEL system, you just go into
2006 Jun 07
2
mkcert.sh broken
I've just installed dovecot on my FC5 box. I tweaked the dovecot-openssl.cnf and attempted to recreate the cert but get the errors below. I see older postings about this problem on FC2. help? - e # ./mkcert.sh /etc/ssl/certs directory doesn't exist /etc/ssl/private directory doesn't exist error on line -1 of dovecot-openssl.cnf 2810:error:02001002:system library:fopen:No such
2019 Sep 07
4
Multiple certificate option
What is the best way to adopt multiple certs? Thanks.
2007 Feb 24
1
openssl mkcert problem
Hello, Can someone point me to what I should do to install the missing files? I am trying to generate self-signed certificates using mkcert.sh but I get the following error: $ /usr/local/share/dovecot/mkcert.sh error on line -1 of ./dovecot-openssl.cnf} 6213:error:02001002:system library:fopen:No such file or
2020 Apr 21
2
Dovecot 2.3.10 fails to start due to missing dependency
-- Message 3 - Second Response -- Aki, I pasted all you requested to Pastebin.com https://pastebin.com/fVLD495y Thank you for your assistance, - Jacob -- Message 2 - Initial Response -- On 4/21/20 2:43 AM, Aki Tuomi wrote: > Can you show > > journalctl -xe > > and > > systemctl status dovecot-init > > and > > /var/log/messages > > Aki -- Message 1 -
2008 Dec 24
1
/etc/dovecot.conf says mkcert.sh is in doc/mkcert.sh but instead it is in /usr/libexec/dovecot/mkcert.sh
Perhaps this is an issue unique to installing from an RPM, but: % dovecot -n # 1.1.7: /etc/dovecot.conf # OS: Linux 2.6.27.7-134.fc10.i686 i686 Fedora release 10 (Cambridge) /etc/dovecot.conf says: ... ## ## SSL settings ## # IP or host address where to listen in for SSL connections. Defaults # to above if not specified. #ssl_listen = # Disable SSL/TLS support. #ssl_disable = no # PEM encoded
2005 Mar 09
1
Minor documentation bug with 0.99.14
The sample dovecot-example.conf contains these lines: > # PEM encoded X.509 SSL/TLS certificate and private key. They're opened before > # dropping root privileges, so keep the key file unreadable by anyone but > # root. Included doc/mkcert.sh can be used to easily generate self-signed > # certificate, just make sure to update the domains in dovecot-openssl.cnf > #ssl_cert_file
2008 Jan 30
2
SSL certificate?
When I install an SSL certificate, I can't find a config option to set configure the Server Certificate Chain file... Is this not possible or can I do it another way? (When I connect, I am being told the Signature status is uncheckable...) Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no
2012 Jul 04
3
files missed from install
version: using dovecot 2.1.8 or 2.0.12 bug: installation - some files missed details: dovecot-openssl.cnf and mkcert.sh are not copied from the src/doc folder to the installation doc folder on installation (make install) both are referred to in the documentation and are useful. is there any chance of updating the build scripts to include these files? thanks, Tim
2017 Aug 10
4
Certificate cache on iOS with sending mail
On Thu, 10 Aug 2017, Larry Rosenman wrote: > Which mail client on iOS? Sorry, maybe not iOS, but definitely MacOSX Mail app. Joseph Tam <jtam.home at gmail.com>
2016 Jun 15
8
https and self signed
I followed the instructions here https://wiki.centos.org/HowTos/Https Checking port 80 I get the file... curl http://localhost/file.html <HTML> <FORM> Working </FORM> </HTML> Checking port 443 I get and error curl https://localhost/file.html curl: (60) Peer's certificate issuer has been marked as not trusted by the user. More details here:
2018 Feb 02
2
Problem with CentOS package for 2.3.0 and old dependency in systemd with clean install
Hi, you definitely have a problem with the packages out of your own repo for version 2.3.0 and CentOS. And this is only if you do a clean install, meaning there was no lower dovecot version ever running on the system. If you want to 'systemctl start dovecot' it breaks with a dependency error which comes from dovecot-init.service. dovecot-init.service : [Unit] Description=One-time