Re: [fetchmail-users] CommonName mismatch after fetchmail upgrade

[Rob M. <rob...@gm...>]

On 2/17/07, thomas <tho...@gm...> wrote:
> Hello,
>
> I have upgraded to fetchmail "6.3.6+NTLM+SDPS+SSL+NLS" (the one
> shipped with Debian Etch). My setup always worked sofar, but since I
> get the following error :
>
> fetchmail: 6.3.6 querying pop.myuniversity.tld (protocol POP3) at sam
> 17 fév 2007 21:40:46 CET: poll started
<---SNIP--->
> fetchmail: POP3< +OK start TLS negotiation
> fetchmail: Issuer Organization: Stalker Software, Inc.
> fetchmail: Issuer CommonName: stalker.com
> fetchmail: Server CommonName: myuniversity.tld
> fetchmail: Server CommonName mismatch: myuniversity.tld != pop.myuniversity.tld
> fetchmail: pop.myuniversity.tld key fingerprint:
> 17:A5:89:D2:05:6F:41:6B:32:4C:9E:14:78:02:59:B6
> fetchmail: Server certificate verification error: unable to get local
> issuer certificate
> fetchmail: Server certificate verification error: certificate not trusted
> fetchmail: Server certificate verification error: unable to verify the
> first certificate
> fetchmail: pop.myuniversity.tld: upgrade to TLS succeeded.
> fetchmail: POP3> USER MYLOGIN
> fetchmail: POP3< +OK please send the PASS
> fetchmail: POP3> PASS *
> fetchmail: POP3< -ERR secure access to this account is disabled
> fetchmail: secure access to this account is disabled
<----SNIP--->
> Maybe the certificate of my university is wrong, but the old version
> of fetchmail had no problem to fetch the emails, so there must be a
> workaround.

The "old version" (you don't say which, but I suspect a pretty old
one) obviously didn't attempt to support TLS.  Simply disable TLS:

http://www.fetchmail.info/fetchmail-FAQ.html#K6

-- 
                 Please keep list traffic on the list.

Rob MacGregor
      Whoever fights monsters should see to it that in the process he
        doesn't become a monster.                  Friedrich Nietzsche