After upgrading from 4.0.6-r3, connections to imapd cause the following error : imapd-ssl: couriertls: connect: error:0B07C065:x509 certificate routines:X509_STORE_add_cert:cert already in hash table This is the same bug as described here : http://groups.google.com/group/linux.debian.bugs.dist/browse_thread/thread/7dca521cd8e6315f Except it also happens with 4.0.6-r3 on Gentoo. Reproducible: Always Because cyrus-sasl's authdaemond USE flag depends on courier-imap, postfix's smtpd will fail similarly if it uses cyrus' SASL implementation.
Update : actually downgrading courier-imap did not change anything. I am not sure on how to investigate this. It might have to do with ca-certificates.
Downgrading from app-misc/ca-certificates-20080809 to app-misc/ca-certificates-20080514-r2 solves the problem. Re-upgrading got me this : >>> Installing app-misc/ca-certificates-20080809 Updating certificates in /etc/ssl/certs....WARNING: Skipping duplicate certificate root.pem WARNING: Skipping duplicate certificate QuoVadis_Root_Certification_Authority.pem done. So something must be wrong with my SSL setup. Will investigate further but this looks like an INVALID candidate ... sorry for the noise :/
My /etc/ssl/certs was to blame. There are certs in there that I don't even remember putting there and that are conflicting with ca-certificates, causing TLS to break. Again, sorry about the noise.
(In reply to comment #3) > My /etc/ssl/certs was to blame. There are certs in there that I don't even > remember putting there and that are conflicting with ca-certificates, causing > TLS to break. Again, sorry about the noise. Edit : it seems ca-certificates causes this consistently on amd64. Will report there.