Re: pkg/52918: mail/dovecot does not supply intermediate CA certs

[Hauke Fath <hf%spg.tu-darmstadt.de@localhost>]

The following reply was made to PR pkg/52918; it has been noted by GNATS.

From: Hauke Fath <hf%spg.tu-darmstadt.de@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, filip%joyent.com@localhost
Subject: Re: pkg/52918: mail/dovecot does not supply intermediate CA certs
Date: Thu, 11 Jan 2018 19:25:19 +0100

 On Thu, 11 Jan 2018 16:25:00 +0000 (UTC), Filip Hajny wrote:
 > The way I understand the docs, ssl_ca was intended for client =3D
 >  certificate authentication only.
 
 Upstream's docs appear to be on your side:=20
 <https://wiki.dovecot.org/SSL/DovecotConfiguration>
 
 >  And I have always bundled my CA intermediate certificates with the one =
 =3D
 >  specified using ssl_cert, because that worked for me in the past.
 
 If that indeed (still) works (I did not check, but rolled back), there=20
 is no need for a roll-back.=20
 
 Still, the option used to work for chained server CA certs, and it=20
 doesn't any more on 2.3.
 
 Cheerio,
 hauke
 
 --=20
      The ASCII Ribbon Campaign                    Hauke Fath
 ()     No HTML/RTF in email            Institut f=FCr Nachrichtentechnik
 /\     No Word docs in email                     TU Darmstadt
      Respect for open standards              Ruf +49-6151-16-21344