[imp] cant login Imp/courier

Otto Stolz Otto.Stolz at uni-konstanz.de
Tue Jul 18 04:34:03 PDT 2006


Markus Braun schrieb:
> On the test.php of imap i tried to login, but i get an error:
>    * Trying protocol imap, Port 143:
>          ERROR - The server returned the following error message:
> 
>          Certificate failure for 89.149.194.125: self signed certificate:
>          /C=US/ST=NY/L=New York/O=Courier Mail 
> Server/OU=Automatically-generated
>          IMAP SSL key/CN=localhost/emailAddress=postmaster at example.com

Your SSL client (in your Imp Server machine) does not know about
the Certification Authority (CA) that is at the root of the certificate
chain certifying your IMAP server. Either configure the SSH client
properly (i. e. install the root certificate from your CA), or use
the imap/ssl/novalidate-cert protocol setting in your imp configuration.

E. g., under Solaris, with OpenSSL, I have installed the DFN-CA's root
certificate thusly:
   su - root -c '/usr/bin/tcsh'
      cd /usr/local/ssl/certs
      set wz=dfn-classic.pem
      wget http://www.uni-konstanz.de/pki/Zertifikate/$wz
      ln -s $wz `openssl x509 -in $wz -hash | head -1`.0
      exit
Since then, that problem has vanished.

Of course, you would have to wget another root certificate.


> Is this a courier problem?

Apparently, the administreator of your Courier server has not bothered
to have their certificate signed by any CA. This means, that server acts
as its own, sovereign CA, and you will have to install that server's
certificate in your SSL client.

Good luck,
   Otto Stolz



More information about the imp mailing list