Hi Laura,
On Mon, 24 Jan 2022 at 08:25:12PM +0000, Laura Smith wrote:
I'm having a frustrating problem trying to use "doveadm sync" to pull
mails off a server for migration purposes.
# 2.3.17.1 (476cd46418): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.17.1 (a1a0b892)
# OS: Linux 5.10.0-11-amd64 x86_64 Debian 11.2
I have tried both explicit "ssl_client_ca_dir = /etc/ssl/certs" and commenting it out (i.e. relying on OpenSSL default per the
docs)
I always get the same:
Info: Received invalid SSL certificate: unable to get issuer certificate: /C=US/O=Internet Security Research Group/CN=ISRG Root
X1 (check ssl_client_ca_* se
ttings?)
just an idea, but maybe that's the problem?:
https://doc.dovecot.org/configuration_manual/authentication/proxies/
"Note
ssl_client_ca_dir or ssl_client_ca_file aren’t currently used for verifying the
remote certificate, although ideally they will be in a future Dovecot version.
For
now you need to add the trusted remote certificates to ssl_ca."
Regards,
Markus
