Matthias Andree <matthias(_dot_)andree(_at_)gmx(_dot_)de> writes:
Sebastian Tennant <sebyte(_at_)smolny(_dot_)plus(_dot_)com> writes:
[...]
Hm. Does another "-v" provide detail?
Nope. No more info.
And I've now noticed another problem.
fetchmail[3914]: awakened at Fri Dec 16 08:07:58 2005
fetchmail[3914]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Fri \
Dec 16 08:07:58 2005: poll started
fetchmail[3914]: Issuer Organization: Thawte Consulting cc
fetchmail[3914]: Issuer CommonName: Thawte Premium Server CA
fetchmail[3914]: Server CommonName: pop.googlemail.com
fetchmail[3914]: pop.googlemail.com key fingerprint: \
46:8B:6C:F4:3E:4C:56:29:83:54:2C:37:42:F1:67:80
fetchmail[3914]: SIGPIPE thrown from an MDA or a stream socket error
fetchmail[3914]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Fri \
Dec 16 08:07:58 2005: poll completed
fetchmail[3914]: Query status=2 (SOCKET)
I think this happens when I fire up Gnus (configured to collect my IMAP mail
only). Could POP and IMAP be sharing the same port or socket or something?
Does fetchmail 6.3.0 or 6.3.1-pre1 work for you? See
http://fetchmail.berlios.de/ for 6.3.0
http://home.pages.de/~mandree/fetchmail/ for 6.3.1-pre1
I'll give this a go when I find the time. At the moment I'm running fetchmail
version 6.2.5.4-1, (according to Debian apt-show-versions).
Is [there] another copy of the google root certificate in /etc/ssl/certs (or
whatever else the SSL default path for certificates is on your system)?
AFAIR -CApath just adds to the path without removing the former path
components.
Yup. You're right. I renamed /etc/ssl/certs to certs(disabled) and am now
getting the following output with the aforementioned openssl `rhubarb'
command. I'm also still getting this output with the proper command :-/
CONNECTED(00000003)
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=pop.googlemail.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=pop.googlemail.com
verify error:num=27:certificate not trusted
verify return:1
depth=0 /C=US/ST=California/L=Mountain View/O=Google Inc/CN=pop.googlemail.com
verify error:num=21:unable to verify the first certificate
verify return:1
[...]
... Verify return code: 21 (unable to verify the first certificate)
This is how I created Google's pem file:
Got the certificate with:
$ openssl s_client -connect smtp.googlemail.com:995 -showcerts
Marked the region containing the certificate, including these lines:
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
Wrote the region to disk as a `pem' file.
(As I'm working in an Emacs unicode shell buffer on a Linux box, do you think
it could be a `LF instead of CR/LF' issue?)
Then I created the hash for it with:
$ c_rehash <directory_of_pem_files>
Oh well... more problems. Would like to dig deeper but no time. Have to run
now.
Once again, any further help much appreciated.
_______________________________________________
Fetchmail-friends mailing list
Fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org
http://lists.ccil.org/cgi-bin/mailman/listinfo/fetchmail-friends