<DKIM> Cannot use offlineimap with gmail

Luke Kenneth Casson Leighton lkcl at lkcl.net
Sat May 6 20:17:03 BST 2017


---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68


On Fri, May 5, 2017 at 2:55 PM, Sridhar M. A. <alaymari at gmail.com> wrote:
> On Wed, May 03, 2017 at 08:08:33PM +0300, Ilias Tsitsimpis wrote:
>    >
>    > Sridhar, could you please try and replace the cert_fingerprint option
>    > with 'sslcacertfile = OS-DEFAULT'?
>    >
> I tried it and still got the error.
>
> As the error was about certificate mismatch, I copied the certificate
> displayed from the command "openssl s_client ..." and put it in a file.
> Changed the offlinemaprc to point to this file as the certificate. It
> worked!
>
> My question now is whether this method is wrong/bad leading to future
> problems.

 it would probably be a reaaally good idea to publish that
certificate, so that other people can take a look at it.  you *really*
should not be using an unverified ssl certificate where the other end
just says "oh yeahhh you can trust uuuus..."

 the point of using a *known* ssl certificate that's been signed by a
*known* certificate authority is that... well... they're known!

 l.




More information about the OfflineIMAP-project mailing list