> > Comes down I believe to the need to get a CA for dovecot's > pem files > > or I will always get an error. > > You've got to tell your mail client to trust either the > dovecot certificate or the CA cert that signed it. > > The procedure for doing so varies with your mail client. The > message you sent to the list came from Outlook. Is that the > client you typically use? Trying not to buy a ssl for my private mail, doesn't seem like something you would need just to get access to your own mail, so no trusted CA there (ssh does not require trusted dang it). The idea floated as a thought in some channels is to make a sort of self-trusted CA on your server for dovecot. But no examples of this can be found, so if anyone has knowledge, all ears here. For now I swtiched to plain text and cannot ssl my user/pass without the errors each time opening mail client (have downloaded and used a few)..this is a chain trust thing, not a mail client thing.