It would be nice if the configuration for IMAP allowed for insecure certificates. Understanding that’s not “good” there are situations where it’s acceptable and I am struggling to identify any client that doesn’t support this.
I was able to hack in support by simply adding InsecureSkipVerify: true to the latest codebase. I’m sure a better implementation would be warranted however:
diff --git a/commands/compose/send.go b/commands/compose/send.go
index 59ae5d0..5ccd966 100644
--- a/commands/compose/send.go
+++ b/commands/compose/send.go
@@ -133,6 +133,7 @@ func (Send) Execute(aerc *widgets.Aerc, args []string) error {
}
if err = conn.StartTLS(&tls.Config{
ServerName: serverName,
+ InsecureSkipVerify: true,
}); err != nil {
return 0, errors.Wrap(err, "StartTLS")
}
diff --git a/worker/imap/worker.go b/worker/imap/worker.go
index a43ac49..7d81fb5 100644
--- a/worker/imap/worker.go
+++ b/worker/imap/worker.go
@@ -118,12 +118,12 @@ func (w *IMAPWorker) handleMessage(msg types.WorkerMessage) error {
}
if !w.config.insecure {
- if err := c.StartTLS(&tls.Config{}); err != nil {
+ if err := c.StartTLS(&tls.Config{ InsecureSkipVerify: true }); err != nil {
return err
}
}
case "imaps":
- c, err = client.DialTLS(w.config.addr, &tls.Config{})
+ c, err = client.DialTLS(w.config.addr, &tls.Config{ InsecureSkipVerify: true })
if err != nil {
return err
}
That's by design. Drew repeatedly declined to implement this.