Re: Unable to connect from macOS mail client
So presumably the entire contents of the ssl public and/or private key could be included verbatim in the configuration file without the "<" input pipeline redirection symbol. On February 19, 2022 5:25:15 AM AKST, Bernardo Reino wrote: >On Sat, 19 Feb 2022, necktwi wrote: > >> After adding “<“ before ssl_ca file path, macOS mail client complained no >> more. Why do we need “<“ before file paths? — Necktwi > >Because the manual says so? :) > >"The < is mandatory. It indicates that the variable should contain contents of >the file, instead of the file name. Not using it will cause an error." >(https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/) > >Or is it a rhetorical question? -- Sent from my Android device with K-9 Mail. Please excuse my brevity.
Re: Unable to connect from macOS mail client
On Sat, 19 Feb 2022, necktwi wrote: After adding “<“ before ssl_ca file path, macOS mail client complained no more. Why do we need “<“ before file paths? — Necktwi Because the manual says so? :) "The < is mandatory. It indicates that the variable should contain contents of the file, instead of the file name. Not using it will cause an error." (https://doc.dovecot.org/configuration_manual/dovecot_ssl_configuration/) Or is it a rhetorical question?
Re: Unable to connect from macOS mail client
After adding “<“ before ssl_ca file path, macOS mail client complained no more. Why do we need “<“ before file paths? — Necktwi > On 14-Feb-2022, at 12:33 PM, Aki Tuomi wrote: > > >> On 13/02/2022 11:26 necktwi wrote: >> >> >> When trying to add mail account to the macOS mail client, I get following >> error >> >> Feb 13 13:05:15 imap-login: Info: Disconnected: Connection closed: >> SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert >> certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): >> user=<>, rip=157.48.200.20, lip=192.168.1.101, TLS handshaking: SSL_accept() >> failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate >> unknown: SSL alert number 46, session=<5mZDV+HXxK+dMMgU> >> >> How to fix it? >> >> — >> Necktwi > > alert 46 means that you are not using fullchain cert in your ssl_cert. > > The ssl_cert file should contain the cert followed by intermediate certs > between the cert and root, so clients can form trust path to root. > > Aki Tuomi
Re: Unable to connect from macOS mail client
> On 13/02/2022 11:26 necktwi wrote: > > > When trying to add mail account to the macOS mail client, I get following > error > > Feb 13 13:05:15 imap-login: Info: Disconnected: Connection closed: > SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert > certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): > user=<>, rip=157.48.200.20, lip=192.168.1.101, TLS handshaking: SSL_accept() > failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate > unknown: SSL alert number 46, session=<5mZDV+HXxK+dMMgU> > > How to fix it? > > — > Necktwi alert 46 means that you are not using fullchain cert in your ssl_cert. The ssl_cert file should contain the cert followed by intermediate certs between the cert and root, so clients can form trust path to root. Aki Tuomi
Unable to connect from macOS mail client
When trying to add mail account to the macOS mail client, I get following error Feb 13 13:05:15 imap-login: Info: Disconnected: Connection closed: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46 (no auth attempts in 0 secs): user=<>, rip=157.48.200.20, lip=192.168.1.101, TLS handshaking: SSL_accept() failed: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown: SSL alert number 46, session=<5mZDV+HXxK+dMMgU> How to fix it? — Necktwi