Hi,
I'm using Fedora 19.
I'm not very experienced with this all certificate business, but I want to make some warnings disappear.
I'm connecting (with fetchmail) to imap.mail.yahoo.com on `imaps` port via SSL, and I'm getting their SSL certificate. I'd like to enforce a proper validation of this certificate by trusting its CA. I've found that their CA is named "DigiCert High Assurance CA-3", but Fedora 19 seems to only include DigiCert High Assurance CA-0. So I've navigated to DigiCert's website to got the required certificate (I hope). I've translated the .crt format to .pem format by using this command:
Code:
$ openssl x509 -inform DES -in DigiCertHighAssuranceCA-3.crt -out DigiCertHighAssuranceCA-3.pem -text
I've copied DigiCertHighAssuranceCA-3.pem to /etc/pki/tls/certs and I've run:
Code:
$ sudo c_rehash .
Doing .
DigiCertHighAssuranceCA-3.pem => 02b2d53d.0
Unfortunately, fetchmail still shows me an SSL error. I'm sure I've missed something, but any guides that I find on the Internet for other distros doesn't apply for Fedora 19, because F19 seems to have changed its certificate management.
I'm too green to figure out the proper solution to my problem :)
Could anyone help?