Problems installing ssl certificate for cyrus imap
Andrew Morgan
morgan at orst.edu
Mon Sep 26 17:55:07 EDT 2005
On Mon, 26 Sep 2005, Nicole Skyrca wrote:
> Hi Andy,
> Right now I'm trying to solve the problem of why I get see the
> "unable to get local issuer certificate" messages when running the
> openssl s_client command. I'm not that familiar with ssl (or imap) and
> I
> don't know if this is normal or not, or if ssl is working properly.
> Comodo sent an intermediate CA certificate
> along with the signed ssl certificate, that I don't know what to do
> with.
Short answer: IMAPS should be working fine on your server.
Long answer:
The CA certificate is used to verify the authenticity of your SSL
certificate (which has been signed by the CA certificate). The CA
certificate is needed on the client side of the connection, not the server
side, so there is no need to place it anywhere in the context of your
Cyrus imapd.conf file.
If Comodo is a generally recognized Certificate Authority, then their CA
certificate should already be distributed with most web browsers, email
clients, etc.
To summarize: The CA certificate is only needed by SSL clients, not SSL
servers.
Let me know if you have any more questions,
Andy
More information about the Info-cyrus
mailing list