I'm getting endless complaints about my dovecot cert, /etc/pki/dovecot/certs/dovecot.pem which I created years ago following the dovecot instructions. Do I really have to use a separate cert and key for dovecot? Can I not use the "standard" cert in /etc/pki/tls/certs (and key) from CACert.org ? -- Timothy Murphy gayleard /at/ eircom.net School of Mathematics, Trinity College, Dublin
> -----Original Message----- > From: Timothy Murphy > Sent: Tuesday, March 03, 2015 9:55 > > I'm getting endless complaints about my dovecot cert,Exact message please?> /etc/pki/dovecot/certs/dovecot.pem > which I created years ago following the dovecot instructions. > > Do I really have to use a separate cert and key for dovecot? > Can I not use the "standard" cert in /etc/pki/tls/certs (and key) > from CACert.org ?Post the certificate only, not the private key. That is the part between "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----". If you have a binary file, pipe it to 'openssl x509 -inform DER' -Jason -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.
Jason Pyeron wrote:>> I'm getting endless complaints about my dovecot cert, > > Exact message please?The certificate does not apply to the given host The certificate is not signed by any trusted certificate authority>> Do I really have to use a separate cert and key for dovecot? >> Can I not use the "standard" cert in /etc/pki/tls/certs (and key) >> from CACert.org ? > > Post the certificate only, not the private key.I've looked at the cert and key and they look ok for what they are, a self-signed certificate and key, as created (years ago) following the instructions in the dovecot installation instructions. I'm really just asking if I cannot just use what I take to be the standard openssl certificate and key in /etc/pki/tls/ Do I really have to create up a special cert for dovecot? -- Timothy Murphy gayleard /at/ eircom.net School of Mathematics, Trinity College, Dublin