On 13 Jan 2003, Steve Huston writes:

> Finally got it!  I followed the exact instructions in the manual for
> creating a key, and for some reason that worked.  Then I realized
> one other thing I changed in the /etc/imapd.conf file when I used
> that other key, that being "tls_ca_file:" It seems that the program
> doesn't like the CA file that comes with RedHat 8.0, and if I
> specify that file it chokes and dies *only* on TLS connections, SSL
> works fine.

This makes perfect sense.  Red Hat creates an initial host cert (not
CA, I think) that uses "localhost.localdomain" as the host name (CN
attribute).  That 'works' for HTTPS web browsing, but generally fails
for IMAPS and POP3S use.  You just need the correct real hostname in
your certificate.

Jonathan Marsden        | Internet: [EMAIL PROTECTED]     | Making electronic 
1252 Judson Street      | Phone: +1 (909) 795-3877      | communications work 
Redlands, CA 92374      | Fax:   +1 (909) 795-0327      | reliably for Christian 
USA                     | http://www.xc.org/jonathan    | missions worldwide 

Reply via email to