Re: Fetchmail certificate problem
On Fri, 28 Oct 2011 08:19:46 +0200, Johann Spies wrote:
> With the following fetchmail config:
>
> poll xxxx protocol imap:
> no dns
> # port 993
> user johann.spies@alterit.co.za js here password "xxxxxxx"
> # ssl
> # sslcertck # Check the certificates #
> sslcertpath /etc/ssl/certs # Path to the certificates
> fetchall
> mda "formail -s /usr/bin/procmail -f- -d js@localhost"
>
> I get this error message:
>
> fetchmail: Server certificate verification error: self signed
> certificate
(...)
That's a normal warning.
> But I get my email.
Good.
> Changing it to uncomment
>
> sslcertck and
> sslcertpath /etc/ssl/certs
>
> I get this:
>
> fetchmail: Server CommonName mismatch: localhost != alterit.co.za
> fetchmail: Server certificate verification error: self signed
> certificate fetchmail: This means that the root signing certificate
> (issued for
> /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/
emailAddress=webaster@localhost)
> is not in the trusted CA certificate locations, or that c_rehash needs
> to be run on the certificate directory. For details, please see the
> documentation of --sslcertpath and --sslcertfile in the manual page.
(...)
> In this case fetching the email fails.
That's bad ;-(
> The service provider sent me a certificiate which I did put in the path
> referred to in the configuration but it did not solve the problem.
>
> How can I solve this problem?
Maybe is that you need to update CA certificate database? :-?
(read "man update-ca-certificates")
Greetings,
--
Camaleón
Reply to: