[BlueOnyx:13228] Gmail enforcing Strict SSL security
Dogsbody
dan at dogsbody.org
Tue Jun 18 11:12:34 -05 2013
All the servers I build now only talk SSL protocols (OK, except HTTP) in
that I only enable POP3s and IMAPS instead of their clear text originals.
As of December 2012 Gmail is enforcing Strict SSL security when checking
certificates [1]. This has just caught me out when we had a user
collecting their mail via POP3 from their Gmail account.
I have a cert for the server which does get copied to dovecot but it
seems that it doesn't copy any certificate authorities.
I fixed this with the following commands...
cp /etc/admserv/certs/ca-certs /etc/pki/dovecot/certs/ca.pem
vi /etc/dovecot/conf.d/10-ssl.conf
# add the following line
ssl_ca = </etc/pki/dovecot/certs/ca.pem
service dovecot restart
Any chance this could be added to production?
Thank you
Dan
[1]
https://support.google.com/mail/answer/21291?ctx=gmail&hl=en-GB&authuser=0
More information about the Blueonyx
mailing list