On 8.8.2019 21.31, Hauke Fath via dovecot wrote: > On Wed, 7 Aug 2019 20:24:13 +0300 (EEST), Aki Tuomi via dovecot wrote: >>> i thought ssl_ca is where to put the intermediate cert? > Well, it surely worked that way until v2.3... > >> (Sorry for duplicate mail, keyboard acted up...) >> >> No, that has always been a mistake and it was fixed in 2.3. Our SSL >> pages in documentation & wiki have always recommended concatenating >> the intermediates with the cert. > Aki, after the issue came up last time > <http://dovecot.2317879.n4.nabble.com/dovecot-2-2-openssl-1-0-vs-dovecot-2-3-openssl-1-1-1-ssl-regression-tt65322.html#none>, > > you appeared to have changed your mind? What happened? > > Cheerio, > Hauke >
I don't see any change of mind here. As you can see in the quote you mentioned, > > Including ssl_ca with cert is not actually a good idea, but perhaps this should > > indeed be mentioned in the upgrading page. Not a regression in any case. Aki
