Dovecot POP3 STARTTLS works on Thunderbird but not on Gmail

Reindl Harald h.reindl at
Sun Nov 16 14:34:01 UTC 2014

Am 16.11.2014 um 15:27 schrieb Aleš Grm:
> Ok, I tried on port 995, and on Gmail I get "SSL error: unable to verify
> the first certificate". Certificate is not self-signed (using StartCOM)
> Could the form of public part of certificate be wrong? I'm using only .CRT

on *any* server you need to setup the chain correctly

that's not dovecot specific and not doing so means you rely on the grace 
of the client which may or may not have the full chain in his trust store

P.S.: for clients like MS Outlook you need port 993/995 anyways

> On 16 Nov 2014 14:19, "Reindl Harald" <h.reindl at> wrote:
>> Am 16.11.2014 um 14:05 schrieb Aleš Grm:
>>> I have configured Dovecot to work perfectly on Thundrebird using SSL
>>> certificates with STARTTLS on port 110. When I try to add this account on
>>> Gmail I get the error:
>>> In Gmail my settings include port 110 and the use of SSL is checked.
>>> Dovecot configuration:
>>> Any idea why does it work with Thunderbird and not with Gmail?
>> surely - gmail wants 995 instead 110 (means not STARTTLS) and don't accept
>> self signed certificates BTW

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the dovecot mailing list