HPE Community
Operating System - Linux
1820483 Members
2224 Online
109624 Solutions
New Discussion юеВ

fetchmail error

 
Maaz
Valued Contributor

тАО09-08-2009 12:24 AM

тАО09-08-2009 12:24 AM

fetchmail error

SLES10SP2
# rpm -q fetchmail
fetchmail-6.3.2-15.12

upon running fetchmail I getting the following error

fetchmail: Server CommonName mismatch: host7.nsmx.net != mycompany.com
fetchmail: Server certificate verification error: self signed certificate
fetchmail: Authorization failure on user@mycompany.com
fetchmail: Query status=3 (AUTHFAIL)

help/suggest
0 Kudos
Reply
2 REPLIES 2
Matti_Kurkela
Honored Contributor

тАО09-08-2009 01:17 AM

тАО09-08-2009 01:17 AM

Re: fetchmail error

You're trying to connect to a server that has an invalid SSL certificate.

The certificate is invalid for two reasons:

1.) it is self-signed (= "home-made") and you have not explicitly configured the system to trust that certificate.
To configure a certificate as trusted, you typically have to add it to /etc/ssl/certs/ directory: see the documentation and/or support webpages for your Linux distribution for details.

2.) the name in the certificate does not match the server's name as detected by a DNS reverse lookup (host7.nsmx.net vs mycompany.com). A SSL certificate must be generated for the primary Fully-Qualified Domain Name of the server: if a certificate is generated for any other name (e.g. an alias name), it is assumed to be a forgery and rejected.

This is something that only the administrator of the server can fix.

MK
MK
0 Kudos
Reply
Mike Stroyan
Honored Contributor

тАО09-08-2009 06:44 PM

тАО09-08-2009 06:44 PM

Re: fetchmail error

You can get around a certificate failure by specifying a fetchmail -sslfingerprint option or fetchmailrc sslfingerprint keyword that matches the fingerprint of the certificate that a mail server presents. Check out the fetchmail man page description of sslfingerprint.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.