うちの設定はこんなで問題ないけどな(1.0alpha5のまま)

# PEM encoded X.509 SSL/TLS certificate and private key. They're opened before
# dropping root privileges, so keep the key file unreadable by anyone but
# root. Included doc/mkcert.sh can be used to easily generate self-signed
# certificate, just make sure to update the domains in dovecot-openssl.cnf
ssl_cert_file = /usr/local/etc/dovecot/dovecot.crt
ssl_key_file = /usr/local/etc/dovecot/private/dovecot.key

# File containing trusted SSL certificate authorities. Usually not needed.
ssl_ca_file = /usr/local/etc/dovecot/my-ca.crt