Menu
▾
▴
Re: [fetchmail-users] What is a "local issuer certificate"?
|
From: Matthias A. <mat...@gm...> - 2006-07-01 11:38:49
|
Paul Elliott <pel...@io...> writes: > When I run fetchmail to get mail from my IMAP server > I get the following messages: > > fetchmail: Server certificate verification error: unable to get local issuer certificate > fetchmail: Server certificate verification error: certificate not trusted > fetchmail: Server certificate verification error: unable to verify the first certificate > > > My question is: what is a "local issuer certificate"? > > Is it the public key associated with my IMAP server? > Or is it the public key associated with my local fetchmail > client? > > In any case how do I create and/or get one to make the error go > away? That depends. Usually the fix to is make sure that fetchmail can find the root certificate. Some self-signed certificates are provided without the signing root certificate; ask the operator of the server. Older fetchmail versions did not set the certificate authorities' path properly, updating to 6.3.4 should then fix that. As a workaround, run fetchmail with -v to see the MD5 fingerprint, call the server's operator to verify the fingerprint, and use the --sslfingerprint option. This, too, needs a recent fetchmail version to work properly. -- Matthias Andree |
