On Sat, 13 Jun 2015 21:57:06 +0200, you wrote:>On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >> >> > > Trying ::1... # this is certainly suspect >> >> > > Escape character is '^['. >> >> > > Connection closed by foreign host. > >This means the daemon is listening but errors out before able to process. >Check the logs. >Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc..Oh yes! Sorry for not having checked this before. Jun 13 18:50:56 <my-node> dovecot: master: Error: service(pop3-login): command startup failed, throttling for 2 secs Jun 13 19:30:26 <my-node> dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Jun 13 19:30:26 <my-node> dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line Jun 13 19:30:26 <my-node> dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Jun 13 19:31:27 <my-node> dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Jun 13 19:31:27 <my-node> dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line Jun 13 19:31:27 <my-node> dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs Jun 13 19:33:04 <my-node> dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key Jun 13 19:33:04 <my-node> dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line Jun 13 19:33:04 <my-node> dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs I thought this was a possibility. It probably means I have concatenated incorrect elements to form the certificate files.
Am 13.06.2015 um 22:11 schrieb Steve Matzura:> On Sat, 13 Jun 2015 21:57:06 +0200, you wrote: > >> On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >>>>>>> Trying ::1... # this is certainly suspect >>>>>>> Escape character is '^['. >>>>>>> Connection closed by foreign host. >> >> This means the daemon is listening but errors out before able to process. >> Check the logs. >> Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. > > Oh yes! Sorry for not having checked this before. > > Jun 13 18:50:56 <my-node> dovecot: master: Error: service(pop3-login): > command startup failed, throttling for 2 secs > Jun 13 19:30:26 <my-node> dovecot: imap-login: Error: SSL: Stacked > error: error:0608308E:digital envelope > routines:EVP_PKEY_get1_EC_KEY:expecting a ec key > Jun 13 19:30:26 <my-node> dovecot: imap-login: Fatal: Can't load > ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line > Jun 13 19:30:26 <my-node> dovecot: master: Error: service(imap-login): > command startup failed, throttling for 60 secs > Jun 13 19:31:27 <my-node> dovecot: imap-login: Error: SSL: Stacked > error: error:0608308E:digital envelope > routines:EVP_PKEY_get1_EC_KEY:expecting a ec key > Jun 13 19:31:27 <my-node> dovecot: imap-login: Fatal: Can't load > ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line > Jun 13 19:31:27 <my-node> dovecot: master: Error: service(imap-login): > command startup failed, throttling for 60 secs > Jun 13 19:33:04 <my-node> dovecot: imap-login: Error: SSL: Stacked > error: error:0608308E:digital envelope > routines:EVP_PKEY_get1_EC_KEY:expecting a ec key > Jun 13 19:33:04 <my-node> dovecot: imap-login: Fatal: Can't load > ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line > Jun 13 19:33:04 <my-node> dovecot: master: Error: service(imap-login): > command startup failed, throttling for 60 secs > > I thought this was a possibility. It probably means I have > concatenated incorrect elements to form the certificate files. >Looks like there is something wrong with the format of your certificates. Do your files contain the start and end lines? The private key file should look like this: -----BEGIN RSA PRIVATE KEY----- cWgpJPyTE7yxI7cqREE8ULqn4eVJ85YckBNooOXGiumSkoTske7XIGNvRQWkpFUN [...] 4LMADvl806xkVkoWDGqJvN2MrN4qeRWuiTQ4tqmi0xp8wfoKWD0q4A=-----END RSA PRIVATE KEY----- The public certificates file should look like this: -----BEGIN CERTIFICATE----- DwAwggEKAoIBAQCxpX2YsLeMT3GIMDtdJIoVkT+qe5PrpPL3omglJ+sKXnulM8JP [... more stuff from your domains cert ...] VmXZvW8oF1yaSQ/lSXZZ5Cg7mFZqqGrO5Sr15ZrduPlgdQ=-----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i [... more stuff from your intermediate cert ...] AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOg=-----END CERTIFICATE----- -- Alex JOST
The public cert part is good, but the private one begins with "Begin private key", not "RSA key." On Sun, 14 Jun 2015 15:54:23 +0200, you wrote:>Am 13.06.2015 um 22:11 schrieb Steve Matzura: >> On Sat, 13 Jun 2015 21:57:06 +0200, you wrote: >> >>> On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote: >>>>>>>> Trying ::1... # this is certainly suspect >>>>>>>> Escape character is '^['. >>>>>>>> Connection closed by foreign host. >>> >>> This means the daemon is listening but errors out before able to process. >>> Check the logs. >>> Might be a dependency not starting, wrong permissions, certificate wrong/expired, etc.. >> >> Oh yes! Sorry for not having checked this before. >> >> Jun 13 18:50:56 <my-node> dovecot: master: Error: service(pop3-login): >> command startup failed, throttling for 2 secs >> Jun 13 19:30:26 <my-node> dovecot: imap-login: Error: SSL: Stacked >> error: error:0608308E:digital envelope >> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >> Jun 13 19:30:26 <my-node> dovecot: imap-login: Fatal: Can't load >> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >> Jun 13 19:30:26 <my-node> dovecot: master: Error: service(imap-login): >> command startup failed, throttling for 60 secs >> Jun 13 19:31:27 <my-node> dovecot: imap-login: Error: SSL: Stacked >> error: error:0608308E:digital envelope >> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >> Jun 13 19:31:27 <my-node> dovecot: imap-login: Fatal: Can't load >> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >> Jun 13 19:31:27 <my-node> dovecot: master: Error: service(imap-login): >> command startup failed, throttling for 60 secs >> Jun 13 19:33:04 <my-node> dovecot: imap-login: Error: SSL: Stacked >> error: error:0608308E:digital envelope >> routines:EVP_PKEY_get1_EC_KEY:expecting a ec key >> Jun 13 19:33:04 <my-node> dovecot: imap-login: Fatal: Can't load >> ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line >> Jun 13 19:33:04 <my-node> dovecot: master: Error: service(imap-login): >> command startup failed, throttling for 60 secs >> >> I thought this was a possibility. It probably means I have >> concatenated incorrect elements to form the certificate files. >> > >Looks like there is something wrong with the format of your >certificates. Do your files contain the start and end lines? > > >The private key file should look like this: >-----BEGIN RSA PRIVATE KEY----- >cWgpJPyTE7yxI7cqREE8ULqn4eVJ85YckBNooOXGiumSkoTske7XIGNvRQWkpFUN >[...] >4LMADvl806xkVkoWDGqJvN2MrN4qeRWuiTQ4tqmi0xp8wfoKWD0q4A=>-----END RSA PRIVATE KEY----- > > >The public certificates file should look like this: >-----BEGIN CERTIFICATE----- >DwAwggEKAoIBAQCxpX2YsLeMT3GIMDtdJIoVkT+qe5PrpPL3omglJ+sKXnulM8JP >[... more stuff from your domains cert ...] >VmXZvW8oF1yaSQ/lSXZZ5Cg7mFZqqGrO5Sr15ZrduPlgdQ=>-----END CERTIFICATE----- >-----BEGIN CERTIFICATE----- >MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i >[... more stuff from your intermediate cert ...] >AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOg=>-----END CERTIFICATE-----