isp_geek
Member
Hallo Leute,
ich versuche schon seit einiger Zeit dovecot mit SSL abzusichern aber ständig bekomme ich einen Zertifikatsfehler und ich weiss nicht mehr weiter.
dovecot.conf
In der Chainfile sind Startssl Root CA und Class 1 Intermediate Certifikat drin.
dom_de.crt ist das von StartSSL signierte Certifikat.
[000.810] Cert NOT VALIDATED: unable to get local issuer certificate
[000.810] this may help: What Is An Intermediate Certificate
[000.810] So email is encrypted but the domain is not verified
[000.810] Cert Hostname VERIFIED (mail.mydom.de = mydom.de)
Was mach ich hier falsch?
ich versuche schon seit einiger Zeit dovecot mit SSL abzusichern aber ständig bekomme ich einen Zertifikatsfehler und ich weiss nicht mehr weiter.
dovecot.conf
Code:
ssl_cert = </etc/ssl/dom/dovecot.crt
ssl_key = </etc/ssl/dom/dom_de.key
ssl_ca = </etc/ssl/dom/startssl_chain.crt
ssl_protocols = !SSLv2 !SSLv3
dom_de.crt ist das von StartSSL signierte Certifikat.
Code:
seconds test stage and result
[000.119] Connected to server
[000.237] <-- 220 mail.mydom.de ESMTP Postfix (Debian/GNU)
[000.237] We are allowed to connect
[000.238] --> EHLO checktls.com
[000.355] <-- 250-mail.mydom.de
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
[000.355] We can use this server
[000.356] TLS is an option on this server
[000.356] --> STARTTLS
[000.472] <-- 220 2.0.0 Ready to start TLS
[000.473] STARTTLS command works on this server
[000.730] SSLVersion in use: TLSv1.2
[000.731] Cipher in use: ECDHE-RSA-AES128-SHA256
[000.731] Connection converted to SSL
[000.757]
Certificate 1 of 3 in chain:
subject= /C=DE/CN=mydom.de
issuer= /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 1 DV Server CA
[000.783]
Certificate 2 of 3 in chain:
subject= /C=DE/CN=mydom.de
issuer= /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 1 DV Server CA
[000.809]
Certificate 3 of 3 in chain:
subject= /C=DE/CN=mydom.de
issuer= /C=IL/O=StartCom Ltd./OU=StartCom Certification Authority/CN=StartCom Class 1 DV Server CA
[000.810] Cert NOT VALIDATED: unable to get local issuer certificate
[000.810] this may help: What Is An Intermediate Certificate
[000.810] So email is encrypted but the domain is not verified
[000.810] Cert Hostname VERIFIED (mail.mydom.de = mydom.de)
[000.811] ~~> EHLO checktls.com
[000.929] <~~ 250-mail.mydom.de
250-PIPELINING
250-SIZE
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
[000.930] TLS successfully started on this server
[000.930] ~~> MAIL FROM:<test@checktls.com>
[001.048] <~~ 250 2.1.0 Ok
[001.048] Sender is OK
[001.049] ~~> RCPT TO:<info@mydom.de>
[001.196] <~~ 250 2.1.5 Ok
[001.196] Recipient OK, E-mail address proofed
[001.196] ~~> QUIT
[001.313] <~~ 221 2.0.0 Bye
[000.810] Cert NOT VALIDATED: unable to get local issuer certificate
[000.810] this may help: What Is An Intermediate Certificate
[000.810] So email is encrypted but the domain is not verified
[000.810] Cert Hostname VERIFIED (mail.mydom.de = mydom.de)
Was mach ich hier falsch?