Discussion:
fetchmail - problems with ssl since upgrade to 6.3.16
(too old to reply)
Ewald Jenisch
2010-04-12 09:56:19 UTC
Permalink
Hi,

Recently during portupgrades fetchmail also got upgraded to
6.3.16. Since then I'm experiencing problems when trying to fetch
mails from a pop server via ssl.

Here's the error message I'm getting:

fetchmail: Issuer Organization: <anonymized>
fetchmail: Issuer CommonName: <anomymized>
fetchmail: Server CommonName: <anomymized>
fetchmail: <anonymized> key fingerprint: <anonymized>
fetchmail: <anonymized> fingerprints match.
fetchmail: Server certificate verification error: self signed certificate
34381474120:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:1056:
fetchmail: SSL connection failed.

The above message normally indicates that the cert on the server might
have changed. This however is definitely not the case (I'm managing
the server myself).

Asking google I found a similar report relating to fetchmail 6.3.16
(as in my case) under Linux:

http://bugs.archlinux.org/task/19043

So my questions are:

o) Has anybody else, using fetchmail with ssl, experienced the same
problems after a recent upgrade of fetchmail under FreeBSD?

o) Any known cure against it?

Last but not least, here's my config:

FreeBSD 7.3 recent as per April 09,2010. Fetchmail 6.3.16, openssl 1.0.0

Thanks much in advance for any clue,
-ewald
Jerry
2010-04-12 11:10:32 UTC
Permalink
Post by Ewald Jenisch
Hi,
Recently during portupgrades fetchmail also got upgraded to
6.3.16. Since then I'm experiencing problems when trying to fetch
mails from a pop server via ssl.
fetchmail: Issuer Organization: <anonymized>
fetchmail: Issuer CommonName: <anomymized>
fetchmail: Server CommonName: <anomymized>
fetchmail: <anonymized> key fingerprint: <anonymized>
fetchmail: <anonymized> fingerprints match.
fetchmail: Server certificate verification error: self signed
certificate 34381474120:error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed:s3_clnt.c:1056: fetchmail: SSL connection failed.
The above message normally indicates that the cert on the server might
have changed. This however is definitely not the case (I'm managing
the server myself).
Asking google I found a similar report relating to fetchmail 6.3.16
http://bugs.archlinux.org/task/19043
o) Has anybody else, using fetchmail with ssl, experienced the same
problems after a recent upgrade of fetchmail under FreeBSD?
o) Any known cure against it?
FreeBSD 7.3 recent as per April 09,2010. Fetchmail 6.3.16, openssl 1.0.0
You have obfuscated all of the data so there is no way for anyone to
verify your conclusions. The message indicates that you are using a
self-signed certificate. That warning message is normal. Are you
attempting to verify the certificate with fetchmail? If so, remove the
check an retry the process.

You might be better served on the fetchmail forum.
--
Jerry
***@seibercom.net

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__________________________________________________________________

Anger kills as surely as the other vices.
Loading...