0 Replies Latest reply: Jul 23, 2013 6:51 AM by s.mann
s.mann Level 1 Level 1 (0 points)

Hi,

 

since some weeks I'm responsible for a Mac OSX Lion 10.7.4 server. Enalbed services are calendar, addressbook and mail server. We try to use our server at a third party portal to send and recieve emails. But the problem is, when we try to configure the IMAP part we always get:

 

There was an issue connecting to your email server. Please make sure you've entered your email and password correctly. SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

 

What I found out so far is that the person who was responsible before didn't added the intermediary certificate for Comodo, where we bought the SSL certificate. I added them today as described here:

http://wiki.canby.k12.or.us/groups/ipodusergroup/wiki/f2061/

and restarted the mail service, but it's still not working.

 

openssl s_client -showcerts -connect groupware.ourdomain.com:993
...

Compression: 1 (zlib compression)

Start Time: 1374586615

Timeout   : 300 (sec)

Verify return code: 0 (ok)

---
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=X-PLAIN-SUBMIT AUTH=LOGIN AUTH=CRAM-MD5 AUTH=PLAIN] Dovecot ready.
 ...

It's only woking when I add the option -CAfile:

 

openssl s_client -CAfile COMODOHigh-AssuranceSecureServerCA-1.crt -showcerts -connect groupware.ourdomain.com:993
...

Compression: 1 (zlib compression)

Start Time: 1374587241

Timeout   : 300 (sec)

Verify return code: 0 (ok)

---
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=X-PLAIN-SUBMIT AUTH=LOGIN AUTH=CRAM-MD5 AUTH=PLAIN] Dovecot ready.
...

Is it really needed to restart the whole server as desribed in the article? I thought it should be enough to restart the service only. All mail clients, the webmail stuff and so on is working without complaining about certificate problems. Any advice would be appreciated.

 

Thanks!


Mac Pro, Mac OS X (10.7.3)