Menu
▾
▴
[fetchmail-devel] [Bug #17073] ssl certificate verification broken in fetchmail 6.3.16
|
From: <ad...@be...> - 2010-04-12 16:15:50
|
Bug #17073, was updated on 2010-Apr-12 10:15 Here is a current snapshot of the bug. Project: fetchmail Category: None Status: Open Resolution: None Bug Group: None Priority: 5 Submitted by: darose Assigned to : none Summary: ssl certificate verification broken in fetchmail 6.3.16 Details: As I indicated in a bug at the Arch Linux distro site (http://bugs.archlinux.org/task/19043) upgrading to FM 6.3.16 broke my mail fetch. Downgrading back to 6.3.14 fixes it. [darose@darsys12 ~]$ /usr/bin/fetchmail -v fetchmail: 6.3.16 querying darose.net (protocol POP3) at Sun 11 Apr 2010 10:41:11 AM EDT: poll started Trying to connect to 208.97.132.208/995...connected. fetchmail: Issuer Organization: New Dream Network, LLC fetchmail: Issuer CommonName: New Dream Network Certificate Authority fetchmail: Server CommonName: *.mail.dreamhost.com fetchmail: darose.net key fingerprint: 17:F7:F2:FF:4A:9D:C3:D3:2B:8A:E9:12:47:C4:A4:28 fetchmail: Server certificate verification error: unable to get local issuer certificate 139713097279144:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1056: fetchmail: SSL connection failed. fetchmail: socket error while fetching from da...@da...@darose.net fetchmail: 6.3.16 querying darose.net (protocol POP3) at Sun 11 Apr 2010 10:41:12 AM EDT: poll completed fetchmail: Query status=2 (SOCKET) fetchmail: normal termination, status 2 [darose@darsys12 ~]$ /usr/bin/fetchmail -v fetchmail: 6.3.14 querying darose.net (protocol POP3) at Sun 11 Apr 2010 10:40:43 AM EDT: poll started Trying to connect to 208.97.132.208/995...connected. fetchmail: Issuer Organization: New Dream Network, LLC fetchmail: Issuer CommonName: New Dream Network Certificate Authority fetchmail: Server CommonName: *.mail.dreamhost.com fetchmail: darose.net key fingerprint: 17:F7:F2:FF:4A:9D:C3:D3:2B:8A:E9:12:47:C4:A4:28 fetchmail: POP3< +OK Hello there. fetchmail: POP3> CAPA fetchmail: POP3< +OK Here's what I can do: fetchmail: POP3< STLS fetchmail: POP3< TOP fetchmail: POP3< USER fetchmail: POP3< LOGIN-DELAY 10 fetchmail: POP3< PIPELINING fetchmail: POP3< UIDL fetchmail: POP3< IMPLEMENTATION Courier Mail Server fetchmail: POP3< . fetchmail: POP3> USER da...@da... fetchmail: POP3< +OK Password required. fetchmail: POP3> PASS * fetchmail: POP3< +OK logged in. fetchmail: POP3> STAT fetchmail: POP3< +OK 0 0 fetchmail: No mail for da...@da... at darose.net fetchmail: POP3> QUIT fetchmail: POP3< +OK Bye-bye. fetchmail: 6.3.14 querying darose.net (protocol POP3) at Sun 11 Apr 2010 10:40:44 AM EDT: poll completed fetchmail: normal termination, status 1 My fetchmailrc is as follows: set postmaster "root" set bouncemail set no spambounce set properties "" poll darose.net via <my dreamhost mail server>.mail.dreamhost.com with proto POP3 user 'da...@da...' there with password '<my password>' is 'darose' here options fetchall ssl sslcertck sslcertpath /home/darose/certs And the certs directory contains dreamhost's "ndn" (New Dream Network) ssl cert: [darose@darsys12 .fetchmail]$ ls -l /home/darose/certs total 16 lrwxrwxrwx 1 darose users 10 Aug 1 2008 17a3f64c.0 -> ndn.ca.pem lrwxrwxrwx 1 darose users 19 Aug 1 2008 2bbe502b.0 -> mail.darose.net.pem -rw-r--r-- 1 darose users 1578 Aug 1 2008 mail.darose.net.pem -rw-r--r-- 1 darose users 2151 Aug 1 2008 ndn.ca.crt -rw-r--r-- 1 darose users 1546 Aug 1 2008 ndn.ca.der -rw-r--r-- 1 darose users 2151 Aug 1 2008 ndn.ca.pem Any ideas? Thanks! For detailed info, follow this link: http://developer.berlios.de/bugs/?func=detailbug&bug_id=17073&group_id=1824 |
