Oh, my. That was intended for Nathan only. (Thanks, Evolution!) I don't mind Mike's silliness. It encourages me to post questions about e.g. why Google Play Store will not update while OpenVPN is up... were I actually to take the time to put together all the ancillary documentation, like my network topology.... oy. I wonder where THIS email will go. Maybe we can talk about Stross's Vile Offspring and how to avoid being left behind. Maybe I need to assume corporeality and hit the stammtisch... mumble. On Thu, 2018-04-12 at 11:27 -0700, Matt Birkholz wrote: > Hi Nathan, > > Did you get any help with this, or figure it out yourself by now? > > I have been doing similar things on a CoxBusiness static IP for years, > so maybe I can help. (Also Mike's latest silliness makes me wish for > more erudite discussions on PLUG. Smart questions going unanswered > only makes it worse? :-) > > I included a couple quick "reactions" to your email (below) but maybe > this is moot now, a week on. > > -Matt > > On Thu, 2018-04-05 at 20:29 -0700, Nathan O'Brennan wrote: > > Hey all, > > > > I use Let's Encrypt on my web server, and I use the same certificate for > > my postfix and dovecot services. Today I realized that my phone has not > > alerted me to new messages. I logged into my webmail via Firefix (I > > don't usually log into webmail until my phone says I have mail) and sure > > enough, I had quite a bit of mail, so I opened my BlueMail app and it > > will not connect because my certificate cannot be verified. > > > > Firefox works fine on webmail. > > Chrome works fine on webmail. > > Postfix, Apache, and Dovecot all operate correctly without warnings. > > > > Bluemail, Thunderbird, and Kmail all fail to connect because the > > certificate cannot be verified. > > You did not attach the intermediate certificates? > > > I had to accept the certificate to use it on my phone. Has Let's Encrypt > > changed something? Or what? I don't get any errors on my server, dovecot > > reports a username of <> during the initial handshake, which I think is > > normal, then reports an error only when my phone attempts to connect > > which looks like: > > > > > > Apr 05 20:26:23 codezilla.xyz dovecot[1699]: imap-login: Disconnected > > (no auth attempts in 3 secs): user=<>, rip=70.xxx.aaa.162, > > lip=138.197.192.135, TLS handshaking: SSL_accept() failed: > > error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate > > unknown: SSL alert number 46, session= > > > > Best I can tell this is a failure on my server's attempt to verify my > > phone's certificate? > > Your phone has an IMAP client certificate? I missed that part. > > The error message actually looks like mine when certificates do not > validate and clients do not attempt to log in. > > > Any help would be appreciated. > > --------------------------------------------------- > > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > > To subscribe, unsubscribe, or to change your mail settings: > > http://lists.phxlinux.org/mailman/listinfo/plug-discuss > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org To subscribe, unsubscribe, or to change your mail settings: http://lists.phxlinux.org/mailman/listinfo/plug-discuss