fetchmail-friends
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[fetchmail]Re: SSL authentication problems with Gmail

2006-01-02 05:00:24
from [Sebastian Tennant] [Permanent Link] 

Rob Funk <rfunk(_at_)funknet(_dot_)net> wrote:


Matthias Andree wrote:

You'd usually get the ROOT certificate from - in this case - Thawte
instead and install that. I'm not sure if Debian has a separate package
for the root certificates of the large certification authorities such as
Thawte and VeriSign.


Yes, Debian has such a package:
  http://packages.debian.org/ca-certificates

The openssl package "suggests" ca-certificates; "suggests" is two levels 
below "requires".


Finally found some time to return to this issue.  I have the Thawte
certificate (included in the ca-certificates package).  It's  the
google certificate which is causing the problem...

Once again, is there anything wrong with this method:

    $ openssl s_client -connect smtp.googlemail.com:995 -showcerts

  Mark the region containing the certificate, including the begin and
  end lines:

    -----BEGIN CERTIFICATE-----
    [...]
    -----END CERTIFICATE-----

  ... and write the region to disk as a `pem' file, in a folder called
  certs. 

  Then do a ...

    $ c_rehash certs

  ... to generate the hashes?

    $ ls -al certs
      total 12
      drwxrwxr-x  2 sebyte adm 4096 Jan  2 11:40 .
      drwxr-xr-x  7 sebyte adm 4096 Jan  2 11:40 ..
      lrwxrwxrwx  1 sebyte adm   10 Jan  2 11:40 e5b84c7a.0 -> google.pem
      -rw-rw-r--  1 sebyte adm 1224 Jan  2 11:37 google.pem

  Still getting the same problem though:

    fetchmail[5579]: starting fetchmail 6.2.5.4 daemon  
    fetchmail[5579]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Mon 
Jan  2 11:43:20 2006: poll started 
    fetchmail[5579]: pop.googlemail.com key fingerprint: 
46:8B:6C:F4:3E:4C:56:29:83:54:2C:37:42:F1:67:80 
    fetchmail[5579]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Mon 
Jan  2 11:43:21 2006: poll completed 
    fetchmail[5579]: Query status=3 (AUTHFAIL) 
    fetchmail[5579]: Deleting fetchids file. 
    fetchmail[5579]: sleeping at Mon Jan  2 11:43:21 2006 

  So it's either a bug in my version of fetchmail (upgrding is the
  next thing I'm going to try) or I'm doing something wrong when I
  generate the google hash.  (The Thawte cert. is part of ca-certificates)

  Hmmm...

  sdt



_______________________________________________
Fetchmail-friends mailing list
Fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org
http://lists.ccil.org/cgi-bin/mailman/listinfo/fetchmail-friends
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [fetchmail]Fetchmail is running slow on Mac OS X, Rob MacGregor
Next by Date:  [fetchmail]Header Problem., rahul
Previous by Thread:  [fetchmail]Fetchmail is running slow on Mac OS X, Stéphane Lux
Next by Thread:  Re: [fetchmail]Re: SSL authentication problems with Gmail, Matthias Andree
Indexes:  [Date] [Thread] [Top] [All Lists]