Rob Funk <rfunk(_at_)funknet(_dot_)net> wrote:
Matthias Andree wrote:
You'd usually get the ROOT certificate from - in this case - Thawte
instead and install that. I'm not sure if Debian has a separate package
for the root certificates of the large certification authorities such as
Thawte and VeriSign.
Yes, Debian has such a package:
http://packages.debian.org/ca-certificates
The openssl package "suggests" ca-certificates; "suggests" is two levels
below "requires".
Finally found some time to return to this issue. I have the Thawte
certificate (included in the ca-certificates package). It's the
google certificate which is causing the problem...
Once again, is there anything wrong with this method:
$ openssl s_client -connect smtp.googlemail.com:995 -showcerts
Mark the region containing the certificate, including the begin and
end lines:
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
... and write the region to disk as a `pem' file, in a folder called
certs.
Then do a ...
$ c_rehash certs
... to generate the hashes?
$ ls -al certs
total 12
drwxrwxr-x 2 sebyte adm 4096 Jan 2 11:40 .
drwxr-xr-x 7 sebyte adm 4096 Jan 2 11:40 ..
lrwxrwxrwx 1 sebyte adm 10 Jan 2 11:40 e5b84c7a.0 -> google.pem
-rw-rw-r-- 1 sebyte adm 1224 Jan 2 11:37 google.pem
Still getting the same problem though:
fetchmail[5579]: starting fetchmail 6.2.5.4 daemon
fetchmail[5579]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Mon
Jan 2 11:43:20 2006: poll started
fetchmail[5579]: pop.googlemail.com key fingerprint:
46:8B:6C:F4:3E:4C:56:29:83:54:2C:37:42:F1:67:80
fetchmail[5579]: 6.2.5.4 querying pop.googlemail.com (protocol POP3) at Mon
Jan 2 11:43:21 2006: poll completed
fetchmail[5579]: Query status=3 (AUTHFAIL)
fetchmail[5579]: Deleting fetchids file.
fetchmail[5579]: sleeping at Mon Jan 2 11:43:21 2006
So it's either a bug in my version of fetchmail (upgrding is the
next thing I'm going to try) or I'm doing something wrong when I
generate the google hash. (The Thawte cert. is part of ca-certificates)
Hmmm...
sdt
_______________________________________________
Fetchmail-friends mailing list
Fetchmail-friends(_at_)lists(_dot_)ccil(_dot_)org
http://lists.ccil.org/cgi-bin/mailman/listinfo/fetchmail-friends