fetchmail certificate verification messages

Marco Beishuizen mbeis at xs4all.nl
Wed Jul 7 20:30:49 UTC 2010

On Tue, 6 Jul 2010, Dan Nelson wrote:

> CA Roots are also self-signed, btw :)  Addtrust is a valid CA Root, and is
> the root for some certificates signed by Network Solutions and Comodo (and
> probably others).  Marco, the fetchmail manpage mentions a --sslcertfile
> option; try adding "--sslcertfile /etc/ssl/cert.pem" to force fetchmail to
> use the ca_root_nss file you installed previously.  IMHO openssl should
> automatically consult that file, but apparently it doesn't.

Where do I add the "--sslcertfile" option? I do have a /etc/ssl/cert.pem 
file and fetchmail is started at boot-time (in rc.conf). The starting 
script of fetchmail in /usr/local/etc/rc.d/ isn't something to be changed 
I think. Or do I add the option in the .fetchmailrc file?


A lady is one who never shows her underwear unintentionally.
 		-- Lillian Day

More information about the freebsd-questions mailing list