On Tue, 2009-11-17 at 13:38 -0600, Mike Abbott wrote:> In dovecot-2.0.alpha3, setting "ssl_ca_file = /path/to/file" in
conf.d/ssl.conf does not work, because imap-login chroots before opening the
ca_file. Perhaps this parameter could be replaced with "ssl_ca =
</path/to/file" as was done with ssl_cert and ssl_key.
Hmm. How do people use the ssl_ca_file in general? Does it have only a
single CA (or a couple) or does is it some huge file? I'd guess this
would be similar to certs/keys, so that if you're using multiple certs,
each IP would be using one CA, one cert, one key. Right?
I'm just mainly worried about config process having to send some huge CA
file.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20091117/8a14bbf7/attachment-0002.bin>