X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=eKJqPQZm0X1IH+Rw 4fsSY84zAVypm3eOThg5g1FBmozRCe+1XZpvibWW8096ID3YcFbY97DGEypqFPA7 hsw323W+fy2xUn2eYdpuwaMFEbkgGTNgjbALpl12zukViIqlH8QN2CEljkgfk5vb 62baOB/flFrKD+90YrkeXQQl/9c= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=4qb4GLiYyXigkq5KDXInRH Vbbn0=; b=wtqocezW7wsQSn9HEEDeDLCTaKIcnCkLZdgYUk+pRp9tI3+TcpnqB2 MrbJIZHGqB9diwph0WDkK7bMpGiyy5zfAmWktyK5RxNIWVW7ab/8Pv2f1YDpK75b jlKEVXSIbd6qh2O6IxqGekg/mXzMbZ/pOfZss5L1rz0luLqOiUm8s= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-1.2 required=5.0 tests=AWL,BAYES_00,KAM_NUMSUBJECT,RCVD_IN_DNSWL_NONE,SPF_PASS,UNPARSEABLE_RELAY autolearn=no version=3.3.1 spammy=signing, certificates, ren, Ren X-HELO: out20-25.mail.aliyun.com X-Alimail-AntiSpam:AC=CONTINUE;BC=0.1074677|-1;CH=green;DM=CONTINUE|CONTINUE|true|0.0156842-0.00104176-0.983274;FP=0|0|0|0|0|-1|-1|-1;HT=e02c03300;MF=eli AT chinabuckets DOT com;NM=1;PH=DS;RN=1;RT=1;SR=0;TI=SMTPD_---.FKh7O0r_1567047940; Subject: Re: [ANNOUNCEMENT] TEST: fetchmail 6.4.0.rc3-1 To: cygwin AT cygwin DOT com References: <6b849bb1-c86e-0fe5-9ece-ad9d5ed180a6 AT ChinaBuckets DOT com> <7803ce5e-0a58-1b1f-4699-6d1d75f50f30 AT ChinaBuckets DOT com> <6d0543c0-3aff-1fa8-7cf5-399ac4aecea1 AT gmail DOT com> From: Eliza Message-ID: Date: Thu, 29 Aug 2019 11:05:37 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: <6d0543c0-3aff-1fa8-7cf5-399ac4aecea1@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-IsSubscribed: yes Hello, on 2019/8/29 10:54, René Berber wrote: > Check the sslcertpath parameter used by fetchmail, see if it points to > the certificates (/etc/pki/tls/certs or /etc/ssl/certs). Also sslkey if > there is one. > > The parameter(s) could/should be in ~/.fetchmailrc . Yes the certs files are there: $ ls /etc/pki/tls/certs ca-bundle.crt ca-bundle.trust.crt $ ls /etc/ssl/certs ca-bundle.crt ca-bundle.trust.crt fetchmail -v got the same error at the bottom lines. unable to get local issuer certificate fetchmail: Broken certification chain at: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=GeoTrust RSA CA 2018 fetchmail: This could mean that the server did not provide the intermediate CA's certificate(s), which is nothing fetchmail could do anything about. For details, please see the README.SSL-SERVER document that ships with fetchmail. fetchmail: This could mean that the root CA's signing certificate is not in the trusted CA certificate location, or that c_rehash needs to be run on the certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manual page. fetchmail: OpenSSL reported: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed Thank you. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple