gmail, mutt and msmtp fix

August 17, 2009 by · 3 Comments
Filed under: technology 

If you use mutt and smtp to access gmail . Here is a (bad) news. Cool guys at Google again changed certificate. Oh, did you ask – how do it know it ? Simple mutt started complaining about bad certificate when trying to use msmpt, infamous ‘msmtp: TLS certificate verification failed: the certificate hasn’t got a known issuer.’ greeted me on the screen.

To cross confirm –
Just run following

$ msmtp --serverinfo --host=smtp.gmail.com --tls=on --port=587 --tls-certcheck=off

In place of old Thwate Server now you get following in issuer segment
Issuer:
Common Name: Google Internet Authority
Organization: Google Inc
Country: US

Fortunately fix is simple, here is what you need to do on debian

# apt-get install ca-certificates
# dpkg -s ca-certificates|grep Version
Version: 20090814

After this just change following line in you ~/.msmtprc

tls_trust_file /certs/Thawte SSLWeb Server Roots/thawte Premium Server CA/Thawte Premium Server CA.pem

to

tls_trust_file /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt

  • Recent Posts