We have moved to a new Sailfish OS Forum. Please start new discussions there.
1

Email certificate issue (dovecot) [answered]

asked 2014-06-10 15:19:25 +0300

doktoil makresh gravatar image

updated 2014-06-10 16:14:52 +0300

VDVsx gravatar image

Hi,

I'm using my own IMAP server (dovecot). It is running fine on all devices (Meego N9, Maemo N900, Mozilla Thunderbird...) but my securely signed certificate seems to be wrong for the Jolla.

My conf : server : mail.makelofine.org Encryption : STARTTLS (SSL tested too) Port : 143 (STARTTLS) / 993 (SSL)

openssl confirms my certificate is OK : echo '' | openssl s_client -connect mail.makelofine.org:993 | openssl x509 -fingerprint -text

So, what is wrong ?!

PS : When i check the box to allow unsecure certificate, it is working. Of course I don't want to enable it as I have a offially signed certificate

edit retag flag offensive reopen delete

The question has been closed for the following reason "the question is answered, an answer was accepted" by VDVsx
close date 2014-06-10 16:15:04.764988

Comments

Checked in my laptop and it says that is untrusted: verify error:num=27:certificate not trusted

VDVsx ( 2014-06-10 15:27:53 +0300 )edit

Try to change the server host to "webmail.makelofine.org"

jbrek ( 2014-06-10 15:34:13 +0300 )edit

@jbrek : webmail.makelofine.org is hostname for HTTPS, TCP/443), hostname for IMAPS (TCP/993) is mail.makelofine.org

doktoil makresh ( 2014-06-10 15:58:57 +0300 )edit

1 Answer

Sort by » oldest newest most voted
4

answered 2014-06-10 15:35:30 +0300

gabriel gravatar image

You need to make a proper change in dovecot's certificate file. Stick your certificate first, then your unencrypted RSA key, then class 1 and subclass certificates of your provider. Your openssl s_client test now returns 21 (unable to verify the first certificate), it should return 0 or at least 19 (which is self signed, but probably because openssl doesn't know about your CA).

A bit of a pain, but I fixed it yesterday like this. It's a good thing that Sailfish is anal about this now to avoid Man in the Middle attacks.

edit flag offensive delete publish link more

Comments

Thank you very much ! Indeed, Sailfish seems to be more secure that all my previous email clients ;)

doktoil makresh ( 2014-06-10 16:08:14 +0300 )edit

Question tools

Follow
2 followers

subscribe to rss feed

Stats

Asked: 2014-06-10 15:19:25 +0300

Seen: 278 times

Last updated: Jun 10 '14

Related questions

self-signed SSL certificates should be accepted for Exchange sync [answered]

Mark all as read feature in Jolla Mail application [released]

[OPTION] Threaded view in mail app

IMAP IDLE / IMAP Push for the E-Mail app [released]

Bug: E-Mail synchronization does not work as configured [released]

A way to specify sender's name and e-mail in Google (and IMAP) account [released]

[Implemented in 1.0.3.8] Email: Honour Reply-To header [answered]

[Implemented in 1.0.3.8] Email: Insert In-Reply-To header [answered]

Bug: Having to delete e-mails twice [answered]

Where do the E-Mail attachments go to? [answered]

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49