Let's Encrypt certificates
Carruth, Rusty
Rusty.Carruth at smartm.com
Tue Apr 17 15:46:56 MST 2018
Actually, I was really hoping for answers, because I'm not using certs yet and know I've got to fix that.
Is Let's Encrypt good, other than your current issues?
Any place that's free and good (or cheap and perfect)?
Rusty Carruth | Customer Support | rusty.carruth at smarth.com | http://www.smarth.com
See the new M4
See us on Storage Search http://www.storagesearch.com/smart2.html
510-624-5391 | Fax: 480-926-5579 | 1325 N. Fiesta Blvd. Suite 101 Gilbert, Az. 85233
This email message (and any attachments) is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
-----Original Message-----
From: PLUG-discuss [mailto:plug-discuss-bounces at lists.phxlinux.org] On Behalf Of Matt Birkholz
Sent: Thursday, April 12, 2018 11:27 AM
To: plugaz at codezilla.xyz; Main PLUG discussion list
Subject: Re: Let's Encrypt certificates
Hi Nathan,
Did you get any help with this, or figure it out yourself by now?
I have been doing similar things on a CoxBusiness static IP for years,
so maybe I can help. (Also Mike's latest silliness makes me wish for
more erudite discussions on PLUG. Smart questions going unanswered
only makes it worse? :-)
I included a couple quick "reactions" to your email (below) but maybe
this is moot now, a week on.
-Matt
On Thu, 2018-04-05 at 20:29 -0700, Nathan O'Brennan wrote:
> Hey all,
>
> I use Let's Encrypt on my web server, and I use the same certificate for
> my postfix and dovecot services. Today I realized that my phone has not
> alerted me to new messages. I logged into my webmail via Firefix (I
> don't usually log into webmail until my phone says I have mail) and sure
> enough, I had quite a bit of mail, so I opened my BlueMail app and it
> will not connect because my certificate cannot be verified.
>
> Firefox works fine on webmail.
> Chrome works fine on webmail.
> Postfix, Apache, and Dovecot all operate correctly without warnings.
>
> Bluemail, Thunderbird, and Kmail all fail to connect because the
> certificate cannot be verified.
You did not attach the intermediate certificates?
> I had to accept the certificate to use it on my phone. Has Let's Encrypt
> changed something? Or what? I don't get any errors on my server, dovecot
> reports a username of <> during the initial handshake, which I think is
> normal, then reports an error only when my phone attempts to connect
> which looks like:
>
>
> Apr 05 20:26:23 codezilla.xyz dovecot[1699]: imap-login: Disconnected
> (no auth attempts in 3 secs): user=<>, rip=70.xxx.aaa.162,
> lip=138.197.192.135, TLS handshaking: SSL_accept() failed:
> error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate
> unknown: SSL alert number 46, session=<xsrZniVpOQBGsb2i>
>
> Best I can tell this is a failure on my server's attempt to verify my
> phone's certificate?
Your phone has an IMAP client certificate? I missed that part.
The error message actually looks like mine when certificates do not
validate and clients do not attempt to log in.
> Any help would be appreciated.
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss
More information about the PLUG-discuss
mailing list