Hello,
on 2019/8/29 10:54, René Berber wrote:
Check the sslcertpath parameter used by fetchmail, see if it points to
the certificates (/etc/pki/tls/certs or /etc/ssl/certs). Also sslkey if
there is one.
The parameter(s) could/should be in ~/.fetchmailrc .
Yes the certs files are there:
$ ls /etc/pki/tls/certs
ca-bundle.crt ca-bundle.trust.crt
$ ls /etc/ssl/certs
ca-bundle.crt ca-bundle.trust.crt
fetchmail -v got the same error at the bottom lines.
unable to get local issuer certificate
fetchmail: Broken certification chain at: /C=US/O=DigiCert
Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018
fetchmail: This could mean that the server did not provide the
intermediate CA's certificate(s), which is nothing fetchmail could do
anything about. For details, please see the README.SSL-SERVER document
that ships with fetchmail.
fetchmail: This could mean that the root CA's signing certificate is not
in the trusted CA certificate location, or that c_rehash needs to be run
on the certificate directory. For details, please see the documentation
of --sslcertpath and --sslcertfile in the manual page.
fetchmail: OpenSSL reported: error:1416F086:SSL
routines:tls_process_server_certificate:certificate verify failed
Thank you.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
