[Dovecot] SSL issues on separate IPs - resolved

Tim Traver tt-list at simplenet.com
Fri Dec 3 08:36:18 EET 2010

Timo (and others),

It turns out that we had a different set of chain and root ca certs from
godaddy than was required for the proper chain. It seemed to work for
apache, but failed for dovecot...

I really dislike godaddy...

thanks for the help,


>> I guess I will go and make sure the chain and CA certs are the proper
>> ones from godaddy. I hate chain certs...
> Good plan. I had a similar problem getting fetchmail to connect to
> godaddy-cert'ed servers when the certificate chain verification failed
> because the CA root cert was not present on my client.
> To find it, I had to export from the Windows default certstore to get
> a copy. It did not identify itself very well, the OU was "ValiCert
> Class 2 Policy Validation Authority" but it appeared in the certmgr
> gui only as "http://www.valicert.com" (under 3rd party root certs).
> I believe the same one is in the Firefox certstore though, you can
> probably find it there.
>> So, I guess I'm not sure if it is dovecot or not yet, although it is
>> kind of strange that nothing is written in the logs about the handshake
>> failing.
>> Tim.

More information about the dovecot mailing list