-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 18 Feb 2010, Arne K. Haaje wrote:
I'm using the same certificate for dovecot and https. My settings in
dovecot.conf are;
ssl_cert_file = /etc/ssl/certs/hostname.pem
ssl_key_file = /etc/ssl/private/hostname.key
This part from the user guide is very important if you received a "bundle /
chain" of CA certificates from Verisign;
Chained SSL certificates
Put all the certificates in the ssl_cert_file file. For example when using a
certificate signed by TDC the correct order is:
1. Dovecot's public certificate
2. TDC SSL Server CA
3. TDC Internet Root CA
4. Globalsign Partners CA
Do I assume that the Verisign CA's root cert is part ofThunderbird by
default? Otherwise you would need to add the root cert manually.
Also, I have explicitly set the CA file in Dovecot:
ssl_ca_file =
Regards,
- --
Steffen Kaiser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBS31Jmr+Vh58GPL/cAQJfBwf9Fg6ItLJxj09RHCY/dp9nIMiAGsDEHGsQ
kS6p7iyOZSfxGPJcovTHU85lgZqF2VUWWhgpTfVp2xAm1XoNTDYz5sdErWkckBmf
iqWYkQl8kYChl3lQLcJMrN4Fv2t6Cp+IkaKaMVa7bo5pAX0byq2DatGfWSiUvrk3
BEOEoTrFz2DAk27TnzLNWuQ1CtyHlxDDjFSOJH1g1HoCeit6f4Vyc7p1llCV6P1r
6/IOcdLByeX/m38FJiP1/rhpv8O1zEfyGJuY0oL1nSF62wosMLXzZUkYwK6IN7cm
CytCyodEloKQhu0XzFHA0EJQ2eXWLsp8sCVt0GTymQaTURazgQ9aoQ==
=7FhN
-----END PGP SIGNATURE-----
