[ANNOUNCEMENT] TEST: fetchmail 6.4.0.rc3-1

Eliza eli@ChinaBuckets.com
Thu Aug 29 04:48:00 GMT 2019


on 2019/8/29 10:54, René Berber wrote:
> Check the sslcertpath parameter used by fetchmail, see if it points to
> the certificates (/etc/pki/tls/certs or /etc/ssl/certs).  Also sslkey if
> there is one.
> The parameter(s) could/should be in ~/.fetchmailrc .

Yes the certs files are there:

$ ls /etc/pki/tls/certs
ca-bundle.crt  ca-bundle.trust.crt

$ ls /etc/ssl/certs
ca-bundle.crt  ca-bundle.trust.crt

fetchmail -v got the same error at the bottom lines.

  unable to get local issuer certificate
fetchmail: Broken certification chain at: /C=US/O=DigiCert 
Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018
fetchmail: This could mean that the server did not provide the 
intermediate CA's certificate(s), which is nothing fetchmail could do 
anything about.  For details, please see the README.SSL-SERVER document 
that ships with fetchmail.
fetchmail: This could mean that the root CA's signing certificate is not 
in the trusted CA certificate location, or that c_rehash needs to be run 
on the certificate directory. For details, please see the documentation 
of --sslcertpath and --sslcertfile in the manual page.
fetchmail: OpenSSL reported: error:1416F086:SSL 
routines:tls_process_server_certificate:certificate verify failed

Thank you.

Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list