On Sun, Dec 31, 2006, M. Fioretti wrote: > On Sat, Dec 30, 2006 22:41:46 PM +0100, Dr. Stephen Henson ([EMAIL > PROTECTED]) wrote: > > > > Does the my_certs directory contain the above server certificate and > > have you done c_rehash on it? > > er... yes. That's what I wrote in my original message. At least, I > followed some the instructions in the web pages I mentioned, which, I > believe, achieve exactly what you ask above. > > Please look again at my original message, since I pasted the commands > and their output there: are those commands exactly what you mean with > the question above? > > Please don't hesitate to ask for more details and/or to run other > commands, I am really going mad over this and need all the support I > can get! >
Well the error you are getting is because the certificate verification failed. One reason could be because the certs dir isn't set up properly or the self signed server certificate is not readable to the fetchmail process. A third possibility is that the server certificate has inappropriate extensions. I looked at the document at: http://wanderingbarque.com/howtos/mailserver/mailserver.html it mentions how to generate a certificate but using the older CA.sh shell script. The CA.pl perl script the is more up to date version. I can't see any mention of creating a self signed certificate there other than as in indirect consequence of the -newca option. The procedure there is to generate a root CA to sign other certificates with. If you want to just generate a self signed certificate and key you can use the single command: openssl req -x509 -out sscert.pem -new -nodes -keyout sskey.pem -days 3650 Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
