partial solution to alpine certificate problem
Posted: 1. Aug 2012, 15:27
To use alpine with gmail, in the past I have needed to disable certificate validation to get it to work:
http://www.salixos.org/wiki/index.php/H ... il_account
I'm not sure how significant a threat to security that is, but anyway, it's untidy.
I recently came across this post:
https://totalrecall.wordpress.com/2008/ ... rtificate/
In a nutshell, to find out where the certificates are being looked for, do:
which in my case returns
I had a look and there were the certificates (or rather, symlinks to them), so I tried removing novalidate-cert from my .pinerc ... and it worked 
(though not the very first time).
I've been playing with mutt lately, and installed msmtp, and maybe some of that fiddling put the symlinks there. (For instance, I compiled msmtp with the flag --with-ssl=openssl as recommended somewhere in my reading about getting the same thing working with mutt.) But if not, I think all that's needed is to put the certificate mentioned in the post linked to above in /etc/ssl/certs (or /foo/bar/certs, if it's somewhere else). (I actually don't have cert.pem, so I'm not sure which one is being used - I think it might be cacert.org.pem.) Note that /etc/ssl/openssl.cnf specifies that the certificates are located in the subdirectory ./certs
http://www.salixos.org/wiki/index.php/H ... il_account
I'm not sure how significant a threat to security that is, but anyway, it's untidy.
I recently came across this post:
https://totalrecall.wordpress.com/2008/ ... rtificate/
In a nutshell, to find out where the certificates are being looked for, do:
Code: Select all
openssl version -dCode: Select all
OPENSSLDIR: "/etc/ssl"I've been playing with mutt lately, and installed msmtp, and maybe some of that fiddling put the symlinks there. (For instance, I compiled msmtp with the flag --with-ssl=openssl as recommended somewhere in my reading about getting the same thing working with mutt.) But if not, I think all that's needed is to put the certificate mentioned in the post linked to above in /etc/ssl/certs (or /foo/bar/certs, if it's somewhere else). (I actually don't have cert.pem, so I'm not sure which one is being used - I think it might be cacert.org.pem.) Note that /etc/ssl/openssl.cnf specifies that the certificates are located in the subdirectory ./certs