Solved: Linux fetchmail showing error

Post Reply
mister_v
Posts: 192
Joined: Thu Mar 04, 2010 9:19 pm

Solved: Linux fetchmail showing error

Post by mister_v »

When I fetchmail from my server I get the following error:

fetchmail: socket error while fetching from user@mailsever
fetchmail: Query status=2 (SOCKET)
fetchmail: Server certificate verification error: unable to get local issuer certificate
fetchmail: Broken certification chain at: /C=GB/ST=Greater Manchester/L=Salford/O=Sectigo Limited/CN=Sectigo RSA Domain Validation Secure Server CA
fetchmail: This could mean that the server did not provide the intermediate CA's certificate(s), which is nothing fetchmail could do anything about. For details, please see the README.SSL-SERVER document that ships with fetchmail.



I checked the server and the ssl-certificate is valled.
I don't understand the problem.

I can get the mail by using

Code: Select all

fetchmail --nosslcertck -a
But I want to solve the root cause.
Last edited by mister_v on Mon May 20, 2024 2:45 pm, edited 1 time in total.
chris
Site Admin
Posts: 196
Joined: Mon Jul 21, 2008 9:52 am

Re: Linux fetchmail showing error

Post by chris »

The certificate on your server is part of a chain.
Many time the are delivered as separated files.
Something like : server.cert and server.ca-bundle

For dovecot, it easier to put them 1 file (order is important ! ).
And add the file in
/etc/dovecot/conf.d/10-ssl.conf

Code: Select all

ssl_cert = </etc/ssl/private/cert_for_dovecot.cert
From the website: https://doc.dovecot.org/configuration_m ... iguration/
Chained SSL certificates
Put all the certificates in the ssl_cert file. For example when using a certificate signed by TDC the correct order is:
Dovecot’s public certificate
TDC SSL Server CA
TDC Internet Root CA
Globalsign Partners CA


Don't forget to reload or restart devecot.
mister_v
Posts: 192
Joined: Thu Mar 04, 2010 9:19 pm

Re: Linux fetchmail showing error

Post by mister_v »

Thanks, i thought is was the same as for postfix.
But it is different.
Post Reply