RE: Fetchmail certificate problem

To: <debian-user@lists.debian.org>
Subject: RE: Fetchmail certificate problem
From: Arno Schuring <aelschuring@hotmail.com>
Date: Fri, 28 Oct 2011 11:36:01 +0000
Message-id: <[🔎] SNT108-W61BAC6CECC26FDFD7C4122B8D30@phx.gbl>
In-reply-to: <[🔎] 20111028061946.GA15856@sun.ac.za>
References: <[🔎] 20111028061946.GA15856@sun.ac.za>

> From: jspies@sun.ac.za
[..]
> fetchmail: Server certificate verification error: self signed certificate
> fetchmail: This means that the root signing certificate (issued for /C=US/ST=Someprovince/L=Sometown/O=none/OU=none/CN=localhost/emailAddress=webaster@localhost) is not in the trusted CA certificate locations, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page.
> fetchmail: Warning: the connection is insecure, continuing
> anyways. (Better use --sslcertck!)
[..]
>
> fetchmail: Server CommonName mismatch: localhost != alterit.co.za
This might still cause a problem when you get the certificate working.

> The service provider sent me a certificiate which I did put in the path
> referred to in the configuration but it did not solve the problem.

/etc/ssl/certs is a managed location (yes, I know, not strictly FHS compliant).

You need to put the certificate in /usr/local/share/ca-certificates (from memory, please double-check with the ca-certificates documentation) and re-run update-ca-certificates.

 
Regards,
Arno

Reply to:

References:
- Fetchmail certificate problem
  - From: Johann Spies <jspies@sun.ac.za>

Prev by Date: Re: Debian on Nokia N900?
Next by Date: Re: laptop wireless setup, wpa_supplicant.conf, driver ipw not supported? CLI only
Previous by thread: Re: Fetchmail certificate problem
Next by thread: Re: Fetchmail certificate problem
Index(es):
- Date
- Thread