Menu
▾
▴
Re: [fetchmail-users] unable to get local issuer certificate
|
From: Andy M. <an...@oa...> - 2008-09-12 19:50:43
|
! Date: Fri, 12 Sep 2008 18:23:39 +0200 ! From: Matthias Andree <mat...@gm...> ! To: fet...@li... ! Subject: Re: [fetchmail-users] unable to get local issuer certificate ! ! Andy Malato schrieb: ! > Hello All, ! > ! > ! > I'm currently trying to get fetchmail release 6.3.8+SSL+HESIOD+NLS ! > working but am running into problems with SSL certificate verification. ! > ! > The version of OpenSSL I am using is OpenSSL 0.9.8d on RHEL 4. ! > ! > ! > I have specified the following options in my config file : ! > ! > poll mymailhost proto pop3 uidl no dns ! > user mailuser ! > sslcertck sslcertpath /usr/share/ssl/certs ! > ! > When I invoke fetchmail, I get the following : ! > ! > Enter password for mailuser@mymailhost: ! > fetchmail: 6.3.8 querying mymailhost (protocol POP3) at Fri Sep 12 ! > 10:59:10 2008: poll started ! > Trying to connect to 10.0.0.17/995...connected. ! > fetchmail: Server certificate verification error: unable to get local ! > issuer certificate ! > 29071:error:14090086:SSL ! > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify ! > failed:s3_clnt.c:843: ! ... ! > If I remove the sslcertck option, things work fine. ! > ! > ! > If I run : ! > ! > openssl s_client -connect mymailhost:993 -CApath /usr/share/ssl/certs ! > ! > Things appear to be OK, i.e., The SSL Handshake completes ok with Verify ! > return code of 0. ! ! Do you get the same results with "-verify 5" here? Yes ! Did you run c_rehash /usr/share/ssl/certs after installing any certificates? Yes ! ! Is your RHEL fully patched? Yes ! ! HTH ! ! -- ! Matthias Andree ! ! _______________________________________________ ! fetchmail-users mailing list ! fet...@li... ! https://lists.berlios.de/mailman/listinfo/fetchmail-users ! |
