| Author |
Message |
jungleg
Joined: 24 Feb 2004
Posts: 11
|
| Posted: Sat Mar 12, 2005 3:28 pm Post subject: Imap Blues - RH9 - ipop3d |
|
|
Hi,
I am trying to setup Imap capabilities on my server, jungleg.com hosted at linode.
I setup the UW-Imap application, generated the keys using openssl, and have it set to listen on port 995. (I followed this tutorial http://www.vanemery.com/Protocols/POP/pop3-rh9-howto.html)
I try to access it from Thunderbird, and I get an error "could not get access because certificate is invalid or corrupted".
This is the dialog I am getting from a remote location, thanks for any direction!!!
fetchmail: 6.2.0 querying www.jungleg.com (protocol IMAP) at Sat Mar 12 15:16:04 2005: poll started
fetchmail: Issuer Organization: JungleG Inc.
fetchmail: Issuer CommonName: www.jungleg.com
fetchmail: Server CommonName: www.jungleg.com
fetchmail: www.jungleg.com key fingerprint: 33:54:20:E3:41:0A:37:A8:CB:39:62:F5:89:97:EE:EA
fetchmail: Warning: server certificate verification: self signed certificate
fetchmail: Issuer Organization: JungleG Inc.
fetchmail: Issuer CommonName: www.jungleg.com
fetchmail: Server CommonName: www.jungleg.com
fetchmail: Warning: server certificate verification: certificate signature failure
fetchmail: Issuer Organization: JungleG Inc.
fetchmail: Issuer CommonName: www.jungleg.com
fetchmail: Server CommonName: www.jungleg.com
fetchmail: Warning: server certificate verification: certificate signature failure
fetchmail: IMAP< +OK POP3 li7-233.members.linode.com v2001.78rh server ready
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< -ERR Unknown AUTHORIZATION state command
fetchmail: IMAP< -ERR Autologout; idle for too long
fetchmail: Unknown login or authentication error on jorescobar@jungleg.com
fetchmail: socket error while fetching from www.jungleg.com
fetchmail: 6.2.0 querying www.jungleg.com (protocol IMAP) at Sat Mar 12 15:19:04 2005: poll completed
fetchmail: Query status=2 (SOCKET)
fetchmail: normal termination, status 2 |
|
| Back to top |
|
gmt
Joined: 20 Jul 2003
Posts: 96
Location: Tropical Queensland, Australia
|
| Posted: Sat Mar 12, 2005 7:23 pm Post subject: |
|
|
| After wasting weeks tryng to get IMAP installed (sasl authorisation errors), I downloaded http://www.dovecot.org/ and got IMAP working in an hour. |
|
| Back to top |
|
Ciaran
Joined: 13 Feb 2004
Posts: 140
Location: England, UK
|
| Posted: Sat Mar 12, 2005 7:34 pm Post subject: |
|
|
| jungleg: Your certificate is self-signed. That alone will cause a lot of programs to at least ask the user whether or not to accept it. I don't know how Thunderbird works but somewhere there'll probably be an option to let you accept invalid or suspect SSL certificates - turn it on and then when you use it on your server, accept the certificate. Hopefully it should work then. |
|
| Back to top |
|
dacoffey
Joined: 18 Feb 2005
Posts: 5
Location: Morgantown, WV
|
| Posted: Sun Mar 13, 2005 1:21 am Post subject: |
|
|
I found this guide http://hublog.hubmed.org/archives/001075.html helpful in setting up SSL.
You need to first generate a root CA certificate.
This then signs certs for various services.
The root cert needs to be installed on client computers in order avoid the nasty invalid cert error.
I haven't used thunderbird, but you should be able to browse to the ca.crt root CA certificate generated using firefox and it will give the option of installing it for mail purposes.
I have self signed a root cert and I'm currently using it for a OSX client (Entourage) and Outlook2003 on XP.
In XP you can doubleclick the ca.crt file to install.
I can't remember exactly how I did the OSX install, a bit trickier had to use some x509_auth or some such program to get the keychain to accept. |
|
| Back to top |
|
| |
