# Problem with imapd-ssl and ca-certificates. [solved]

## elderet

Hi all! When trying to connect to my mailserver using "SSL (Accept all certificates)" I suddenly get the following error in the system log:

```
Jan 08 22:04:53 [imapd-ssl] couriertls: /etc/ssl/certs/9e6afd31.0: No such file or directory

```

The certificate file in the log message is a symbolic link to a symbolic link to a missing file:

```
/etc/ssl/certs/9e6afd31.0 -> /etc/ssl/certs/Thawte_Time_Stamping_CA.pem

/etc/ssl/certs/Thawte_Time_Stamping_CA.pem -> /usr/share/ca-certificates/mozilla/Thawte_Time_Stamping_CA.crt

ls: cannot access /usr/share/ca-certificates/mozilla/Thawte_Time_Stamping_CA.crt: No such file or directory

```

If I comment out TLS_TRUSTCERTS in /etc/courier-imap/imapd-ssl, the connection is working again:

```

# TLS_TRUSTCERTS=/etc/ssl/certs

```

(self-signed cert) ...but this does not seem to be the proper way to solve it. Have any of you seen similar problems? Perhaps I just missed an upgrade instruction?Last edited by elderet on Tue Jan 10, 2012 11:02 pm; edited 1 time in total

----------

## Quincy

I think you're right and missed this upgrade instruction (taken from my build log of app-misc:ca-certificates-20111025):

```
>>> Original instance of package unmerged safely.

 * Broken symlink for a certificate at /etc/ssl/certs/64d1f6f4.0

 * Broken symlink for a certificate at /etc/ssl/certs/AOL_Time_Warner_Root_Certification_Authority_1.pem

 * Broken symlink for a certificate at /etc/ssl/certs/ed9bb25c.0

 * Broken symlink for a certificate at /etc/ssl/certs/9e6afd31.0

 * Broken symlink for a certificate at /etc/ssl/certs/AOL_Time_Warner_Root_Certification_Authority_2.pem

 * Broken symlink for a certificate at /etc/ssl/certs/Thawte_Personal_Freemail_CA.pem

 * Broken symlink for a certificate at /etc/ssl/certs/Thawte_Time_Stamping_CA.pem

 * Broken symlink for a certificate at /etc/ssl/certs/12ac4d91.0

 * You MUST remove the above broken symlinks

 * Otherwise any SSL validation that use the directory may fail!

 * To batch-remove them, run:

 * find -L /etc/ssl/certs/ -type l -exec rm {} +

```

----------

## elderet

Thank you!

Emerging ca-certificates gave a similar result as in your log.

```
emerge -1 ca-certificates
```

...and the problem was solved after running:

```
find -L /etc/ssl/certs/ -type l -exec rm {} +
```

 :Smile: 

----------

## octavsly

 *elderet wrote:*   

> Thank you!
> 
> Emerging ca-certificates gave a similar result as in your log.
> 
> ```
> ...

 

Why doesn't the ebuild do this? I have spent few hours on this  :Sad: 

----------

