On Wed, Oct 24, 2007 at 11:46:34AM -0500, Chuck Campbell wrote:
I see these messages every time fetchmail pops my mail. I don't understand what certificates it is talking about, or how to straighten this out.
A certificate identifies the server, i.e., the client gets a piece of information about the server that can be used to start a private conversation. The certificate must be signed by an entity, that you trust.
fetchmail: Server CommonName mismatch: localhost != mail.mydomain.com
The certificate was issued for the server: 'localhost', but you're connecting to 'mail.mydomain.com'. This could be a man-in-the-middle attack.
fetchmail: Server certificate verification error: self signed certificate
The certificate is signed by itself, not by an external entity that you trust. You can't be sure you're talking with the correct server.
fetchmail: Server certificate verification error: certificate has expired
Every certificate has a validity (start and end date when the certificate is valid). Yours has expired.
What do I need to read up on to understand this and find a fix?
Public key infrastructure (PKI):
http://www.gtlib.cc.gatech.edu/pub/linux/docs/HOWTO/other-formats/html_singl... http://www.carillon.ca/library/howtos.php