Yesterday I upgraded dovecot from 1.1.16 to 1.2.4 using portupgrade ? I am now getting the following messages in the log file: Sep 23 12:00:41 imap-login: Fatal: Can't load certificate? file /etc/ssl/imaps.example.org.csr: The file doesn't contain a certificate. ? The certificate file contains exactly what it did before: -----BEGIN CERTIFICATE REQUEST----- MIIBhTCB7wIBADBGMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFDASBgNVBAcT C0xvcyBBbmdlbGVzMRQwEgYDVQQKEwtCb3hJU1AsIExMQzCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAue0xYWcYcLHQoI/nQj2tG3AV0Mepx1pvHbCSqmKxelyo z5cToH9kFIPzxDJvL8ChQ21ftM7m79ChfiXgWsUhHuaoeNdwr12FQ+nbbZoaELGZ 3keZv93rYkGstkL8zxTIquDq1dKSp+3e1T7M0ktphlYWuNEv8vHa4zM3n5izdmcC AwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAA1JnGM4A5HvRy+TFjMrUHoJr79DaMpj qmKT2R5uW0iQnRGjrSfMCaZgyEQqKU5eCAVx5xTih7iO7VKLP5zKRVMSAJ5kQW1o 7bM/NvbnI+Jdz749VkZtUXWWVNlIB0uVXp++moWN5+y94kj3f1VhHQke+pS8NWGG YxhXEZtBBUdO -----END CERTIFICATE REQUEST----- I even tried creating an new certificate and still get the same error NO changes were made to any config files ? I have tried to test the connection by: telnet localhost 143 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. (at this point it hangs and never responds,? I have to kill the pid) ? ANY help would be appreciated
Eduardo M KALINOWSKI
2009-Sep-23 20:20 UTC
[Dovecot] The file doesn't contain a certificate.
On Qua, 23 Set 2009, A M wrote:> Yesterday I upgraded dovecot from 1.1.16 to 1.2.4 using portupgrade > ? > I am now getting the following messages in the log file: > Sep 23 12:00:41 imap-login: Fatal: Can't load certificate? file > /etc/ssl/imaps.example.org.csr: The file doesn't contain a > certificate. > ? > The certificate file contains exactly what it did before: > -----BEGIN CERTIFICATE REQUEST----- > MIIBhTCB7wIBADBGMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFDASBgNVBAcT > C0xvcyBBbmdlbGVzMRQwEgYDVQQKEwtCb3hJU1AsIExMQzCBnzANBgkqhkiG9w0B > AQEFAAOBjQAwgYkCgYEAue0xYWcYcLHQoI/nQj2tG3AV0Mepx1pvHbCSqmKxelyo > z5cToH9kFIPzxDJvL8ChQ21ftM7m79ChfiXgWsUhHuaoeNdwr12FQ+nbbZoaELGZ > 3keZv93rYkGstkL8zxTIquDq1dKSp+3e1T7M0ktphlYWuNEv8vHa4zM3n5izdmcC > AwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAA1JnGM4A5HvRy+TFjMrUHoJr79DaMpj > qmKT2R5uW0iQnRGjrSfMCaZgyEQqKU5eCAVx5xTih7iO7VKLP5zKRVMSAJ5kQW1o > 7bM/NvbnI+Jdz749VkZtUXWWVNlIB0uVXp++moWN5+y94kj3f1VhHQke+pS8NWGG > YxhXEZtBBUdO > -----END CERTIFICATE REQUEST-----That's not a certificate, that's a certificate request. You send it to a company that sells certificates (along with your credit card number :-) ) and receive the certificate. Or you can generate a self-signed certificate by following the steps in http://openssl.linux-mirror.org/docs/HOWTO/certificates.txt . -- Eduardo M KALINOWSKI eduardo at kalinowski.com.br