Imap Blues - RH9 - ipop3d
I am trying to setup Imap capabilities on my server, jungleg.com hosted at linode.
I setup the UW-Imap application, generated the keys using openssl, and have it set to listen on port 995. (I followed this tutorial
I try to access it from Thunderbird, and I get an error "could not get access because certificate is invalid or corrupted".
This is the dialog I am getting from a remote location, thanks for any direction!!!
fetchmail: 6.2.0 querying
fetchmail: Issuer Organization: JungleG Inc.
fetchmail: Issuer CommonName:
fetchmail: Server CommonName:
fetchmail:
fetchmail: Warning: server certificate verification: self signed certificate
fetchmail: Issuer Organization: JungleG Inc.
fetchmail: Issuer CommonName:
fetchmail: Server CommonName:
fetchmail: Warning: server certificate verification: certificate signature failure
fetchmail: Issuer Organization: JungleG Inc.
fetchmail: Issuer CommonName:
fetchmail: Server CommonName:
fetchmail: Warning: server certificate verification: certificate signature failure
fetchmail: IMAP< +OK POP3 li7-233.members.linode.com v2001.78rh server ready
fetchmail: IMAP> A0001 CAPABILITY
fetchmail: IMAP< -ERR Unknown AUTHORIZATION state command
fetchmail: IMAP< -ERR Autologout; idle for too long
fetchmail: Unknown login or authentication error on
fetchmail: socket error while fetching from
fetchmail: 6.2.0 querying
fetchmail: Query status=2 (SOCKET)
fetchmail: normal termination, status 2
3 Replies
http://hublog.hubmed.org/archives/001075.html
You need to first generate a root CA certificate.
This then signs certs for various services.
The root cert needs to be installed on client computers in order avoid the nasty invalid cert error.
I haven't used thunderbird, but you should be able to browse to the ca.crt root CA certificate generated using firefox and it will give the option of installing it for mail purposes.
I have self signed a root cert and I'm currently using it for a OSX client (Entourage) and Outlook2003 on XP.
In XP you can doubleclick the ca.crt file to install.
I can't remember exactly how I did the OSX install, a bit trickier had to use some x509_auth or some such program to get the keychain to accept.