thr3ads.net - dovecot - SSL error [Oct 2016]

If this information is useful, please help other people find it:
Share via:

arnaud gaboury

2016-Oct-13 08:12 UTC

SSL error

On Thu, Oct 13, 2016 at 8:48 AM Christian Kivalo <ml+dovecot at valo.at>
wrote:
>
>
>
>
> Am 13. Oktober 2016 08:41:06 MESZ, schrieb arnaud gaboury <
> arnaud.gaboury at gmail.com>:
>
> >I run dovecot + postfix as my email server. Everything is working as
>
> >expected, but I see an error in the dovecot logs:
>
> >
>
> >lmtp(7331): Error: SSL context initialization failed, disabling SSL:
>
> >ENGINE_init(dynamic) failed
>
> >
>
> >Dovecot is running and emails are OK. I wonder why this error and how I
>
> >can
>
> >fix it? I see it is a SSL issue but no idea in which direction to look.
>
> >Thank you for help
>
> Please post the complete log lines and the output of dovecot -n
>
>$ journalctl --unit=dovecot
Oct 13 08:20:20 thetradinghall.com systemd[1]: Started Dovecot IMAP/POP3
email server.
Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7331): Error: SSL
context initialization failed, disabling SSL: ENGINE_init(dynamic) failed
Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7337): Error: SSL
context initialization failed, disabling SSL: ENGINE_init(dynamic) failed
Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7338): Error: SSL
context initialization failed, disabling SSL: ENGINE_init(dynamic) failed
........................


$ dovecot -n
# 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
# OS: Linux 4.7.4-1-hortensia_docker x86_64 Fedora release 24 (Twenty Four)
auth_cache_size = 10 M
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
doveadm_socket_path = /run/dovecot/doveadm-server
imap_id_log = *
info_log_path = /storage/log/dovecot/dovecot-info.log
mail_debug = yes
mail_gid = 5000
mail_location = maildir:~:LAYOUT=fs
mail_server_admin = mailto:admin at thetradinghall.com
mail_uid = 5000
mailbox_list_index = yes
maildir_very_dirty_syncs = yes
namespace inbox {
  inbox = yes
  location   mailbox Archive {
    auto = create
    special_use = \Archive
  }
  mailbox Drafts {
    auto = create
    special_use = \Drafts
  }
  mailbox Junk {
    auto = create
    special_use = \Junk
  }
  mailbox Sent {
    auto = create
    special_use = \Sent
  }
  prefix   separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocols = imap lmtp
service auth-worker {
  user = vmail
}
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0666
    user = postfix
  }
  unix_listener auth-userdb {
    group = postfix
    mode = 0600
    user = postfix
  }
  user = root
}
service imap-login {
  inet_listener imaps {
    port = 993
    ssl = yes
  }
}
service lmtp {
  process_min_avail = 10
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
ssl = required
ssl_cert = </etc/letsencrypt/live/thetradinghall.com/fullchain.pem
ssl_crypto_device = dynamic
ssl_key = </etc/letsencrypt/live/thetradinghall.com/privkey.pem
ssl_protocols = !SSLv2 !SSLv3
userdb {
  args = uid=5000 gid=5000 home=/storage/vmail/%d/%n
  driver = static
}
verbose_ssl = yes
protocol lmtp {
  hostname = thetradinghall.com
  postmaster_address = postmaster at thetradinghall.com
}





>
>
>  --
>
> Christian Kivalo
>
>

Christian Kivalo

2016-Oct-13 08:30 UTC

head link

SSL error

On 2016-10-13 10:12, arnaud gaboury wrote:> On Thu, Oct 13, 2016 at 8:48 AM Christian Kivalo <ml+dovecot at
valo.at>
> wrote:
> 
>> 
>> 
>> 
>> 
>> Am 13. Oktober 2016 08:41:06 MESZ, schrieb arnaud gaboury <
>> arnaud.gaboury at gmail.com>:
>> 
>> >I run dovecot + postfix as my email server. Everything is working
as
>> 
>> >expected, but I see an error in the dovecot logs:
>> 
>> >
>> 
>> >lmtp(7331): Error: SSL context initialization failed, disabling
SSL:
>> 
>> >ENGINE_init(dynamic) failed
>> 
>> >
>> 
>> >Dovecot is running and emails are OK. I wonder why this error and
how I
>> 
>> >can
>> 
>> >fix it? I see it is a SSL issue but no idea in which direction to
look.
>> 
>> >Thank you for help
>> 
>> Please post the complete log lines and the output of dovecot -n
>> 
>> 
> $ journalctl --unit=dovecot
> Oct 13 08:20:20 thetradinghall.com systemd[1]: Started Dovecot 
> IMAP/POP3
> email server.
> Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7331): Error: 
> SSL
> context initialization failed, disabling SSL: ENGINE_init(dynamic) 
> failed
> Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7337): Error: 
> SSL
> context initialization failed, disabling SSL: ENGINE_init(dynamic) 
> failed
> Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7338): Error: 
> SSL
> context initialization failed, disabling SSL: ENGINE_init(dynamic) 
> failed
> ........................
> 
> 
> $ dovecot -n
> # 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
> # OS: Linux 4.7.4-1-hortensia_docker x86_64 Fedora release 24 (Twenty 
> Four)
> auth_cache_size = 10 M
> auth_debug = yes
> auth_debug_passwords = yes
> auth_mechanisms = plain login
> auth_verbose = yes
> auth_verbose_passwords = plain
> doveadm_socket_path = /run/dovecot/doveadm-server
> imap_id_log = *
> info_log_path = /storage/log/dovecot/dovecot-info.log
> mail_debug = yes
> mail_gid = 5000
> mail_location = maildir:~:LAYOUT=fs
> mail_server_admin = mailto:admin at thetradinghall.com
> mail_uid = 5000
> mailbox_list_index = yes
> maildir_very_dirty_syncs = yes
> namespace inbox {
>   inbox = yes
>   location >   mailbox Archive {
>     auto = create
>     special_use = \Archive
>   }
>   mailbox Drafts {
>     auto = create
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     auto = create
>     special_use = \Junk
>   }
>   mailbox Sent {
>     auto = create
>     special_use = \Sent
>   }
>   prefix >   separator = /
>   type = private
> }
> passdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> protocols = imap lmtp
> service auth-worker {
>   user = vmail
> }
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0666
>     user = postfix
>   }
>   unix_listener auth-userdb {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
>   user = root
> }
> service imap-login {
>   inet_listener imaps {
>     port = 993
>     ssl = yes
>   }
> }
> service lmtp {
>   process_min_avail = 10
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> ssl = required
> ssl_cert = </etc/letsencrypt/live/thetradinghall.com/fullchain.pem
> ssl_crypto_device = dynamic  ^^ does it work when you comment/remove this setting?

from my 10-ssl.conf
# SSL crypto device to use, for valid values run "openssl engine"
#ssl_crypto_device 
by default ssl_crypto_device is not set.
> ssl_key = </etc/letsencrypt/live/thetradinghall.com/privkey.pem
> ssl_protocols = !SSLv2 !SSLv3
> userdb {
>   args = uid=5000 gid=5000 home=/storage/vmail/%d/%n
>   driver = static
> }
> verbose_ssl = yes
> protocol lmtp {
>   hostname = thetradinghall.com
>   postmaster_address = postmaster at thetradinghall.com
> }
> 
> -- 
  Christian Kivalo

arnaud gaboury

2016-Oct-13 08:48 UTC

head link

SSL error

On Thu, Oct 13, 2016 at 10:30 AM Christian Kivalo <ml+dovecot at valo.at>
wrote:
>
>
>
>
> On 2016-10-13 10:12, arnaud gaboury wrote:
>
> > On Thu, Oct 13, 2016 at 8:48 AM Christian Kivalo <ml+dovecot at
valo.at>
>
> > wrote:
>
> >
>
> >>
>
> >>
>
> >>
>
> >>
>
> >> Am 13. Oktober 2016 08:41:06 MESZ, schrieb arnaud gaboury <
>
> >> arnaud.gaboury at gmail.com>:
>
> >>
>
> >> >I run dovecot + postfix as my email server. Everything is
working as
>
> >>
>
> >> >expected, but I see an error in the dovecot logs:
>
> >>
>
> >> >
>
> >>
>
> >> >lmtp(7331): Error: SSL context initialization failed,
disabling SSL:
>
> >>
>
> >> >ENGINE_init(dynamic) failed
>
> >>
>
> >> >
>
> >>
>
> >> >Dovecot is running and emails are OK. I wonder why this error
and how I
>
> >>
>
> >> >can
>
> >>
>
> >> >fix it? I see it is a SSL issue but no idea in which direction
to look.
>
> >>
>
> >> >Thank you for help
>
> >>
>
> >> Please post the complete log lines and the output of dovecot -n
>
> >>
>
> >>
>
> > $ journalctl --unit=dovecot
>
> > Oct 13 08:20:20 thetradinghall.com systemd[1]: Started Dovecot
>
> > IMAP/POP3
>
> > email server.
>
> > Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7331): Error:
>
> > SSL
>
> > context initialization failed, disabling SSL: ENGINE_init(dynamic)
>
> > failed
>
> > Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7337): Error:
>
> > SSL
>
> > context initialization failed, disabling SSL: ENGINE_init(dynamic)
>
> > failed
>
> > Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7338): Error:
>
> > SSL
>
> > context initialization failed, disabling SSL: ENGINE_init(dynamic)
>
> > failed
>
> > ........................
>
> >
>
> >
>
> > $ dovecot -n
>
> > # 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
>
> > # OS: Linux 4.7.4-1-hortensia_docker x86_64 Fedora release 24 (Twenty
>
> > Four)
>
> > auth_cache_size = 10 M
>
> > auth_debug = yes
>
> > auth_debug_passwords = yes
>
> > auth_mechanisms = plain login
>
> > auth_verbose = yes
>
> > auth_verbose_passwords = plain
>
> > doveadm_socket_path = /run/dovecot/doveadm-server
>
> > imap_id_log = *
>
> > info_log_path = /storage/log/dovecot/dovecot-info.log
>
> > mail_debug = yes
>
> > mail_gid = 5000
>
> > mail_location = maildir:~:LAYOUT=fs
>
> > mail_server_admin = mailto:admin at thetradinghall.com
>
> > mail_uid = 5000
>
> > mailbox_list_index = yes
>
> > maildir_very_dirty_syncs = yes
>
> > namespace inbox {
>
> >   inbox = yes
>
> >   location >
> >   mailbox Archive {
>
> >     auto = create
>
> >     special_use = \Archive
>
> >   }
>
> >   mailbox Drafts {
>
> >     auto = create
>
> >     special_use = \Drafts
>
> >   }
>
> >   mailbox Junk {
>
> >     auto = create
>
> >     special_use = \Junk
>
> >   }
>
> >   mailbox Sent {
>
> >     auto = create
>
> >     special_use = \Sent
>
> >   }
>
> >   prefix >
> >   separator = /
>
> >   type = private
>
> > }
>
> > passdb {
>
> >   args = /etc/dovecot/dovecot-sql.conf.ext
>
> >   driver = sql
>
> > }
>
> > protocols = imap lmtp
>
> > service auth-worker {
>
> >   user = vmail
>
> > }
>
> > service auth {
>
> >   unix_listener /var/spool/postfix/private/auth {
>
> >     group = postfix
>
> >     mode = 0666
>
> >     user = postfix
>
> >   }
>
> >   unix_listener auth-userdb {
>
> >     group = postfix
>
> >     mode = 0600
>
> >     user = postfix
>
> >   }
>
> >   user = root
>
> > }
>
> > service imap-login {
>
> >   inet_listener imaps {
>
> >     port = 993
>
> >     ssl = yes
>
> >   }
>
> > }
>
> > service lmtp {
>
> >   process_min_avail = 10
>
> >   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>
> >     group = postfix
>
> >     mode = 0600
>
> >     user = postfix
>
> >   }
>
> > }
>
> > ssl = required
>
> > ssl_cert = </etc/letsencrypt/live/thetradinghall.com/fullchain.pem
>
> > ssl_crypto_device = dynamic
>
>   ^^ does it work when you comment/remove this setting?
>
>
>
> from my 10-ssl.conf
>
> # SSL crypto device to use, for valid values run "openssl engine"
>
> #ssl_crypto_device >
>
>
> by default ssl_crypto_device is not set.
>
the line was uncommented, so I commented it. Now .-)

--------------------------------------------
 ? dovecot.service - Dovecot IMAP/POP3 email server
   Loaded: loaded (/usr/lib/systemd/system/dovecot.service; enabled; vendor
preset: disabled)
   Active: active (running) since Thu 2016-10-13 10:46:27 CEST; 6s ago
     Docs: man:dovecot(1)
           http://wiki2.dovecot.org/
  Process: 9793 ExecStop=/usr/bin/doveadm stop (code=exited,
status=0/SUCCESS)
  Process: 9806 ExecStart=/usr/sbin/dovecot (code=exited, status=0/SUCCESS)
  Process: 9804 ExecStartPre=/usr/libexec/dovecot/prestartscript
(code=exited, status=0/SUCCESS)
 Main PID: 9807 (dovecot)
   CGroup: /machine.slice/systemd-nspawn at poppy.service
/system.slice/dovecot.service
           ??9807 /usr/sbin/dovecot
           ??9808 dovecot/lmtp
           ??9809 dovecot/anvil
           ??9810 dovecot/log
           ??9811 dovecot/ssl-params
           ??9812 dovecot/lmtp
           ??9813 dovecot/lmtp
           ??9814 dovecot/lmtp
           ??9815 dovecot/lmtp
           ??9816 dovecot/lmtp
           ??9817 dovecot/lmtp
           ??9818 dovecot/lmtp
           ??9819 dovecot/lmtp
           ??9820 dovecot/lmtp
           ??9821 dovecot/config

Oct 13 10:46:27 thetradinghall.com systemd[1]: Starting Dovecot IMAP/POP3
email server...
Oct 13 10:46:27 thetradinghall.com systemd[1]: dovecot.service: PID file
/var/run/dovecot/master.pid not r
Oct 13 10:46:27 thetradinghall.com systemd[1]: Started Dovecot IMAP/POP3
email server.
-------------------------------------------------------

Thank you so much for your precious help.


>
>
> > ssl_key = </etc/letsencrypt/live/thetradinghall.com/privkey.pem
>
> > ssl_protocols = !SSLv2 !SSLv3
>
> > userdb {
>
> >   args = uid=5000 gid=5000 home=/storage/vmail/%d/%n
>
> >   driver = static
>
> > }
>
> > verbose_ssl = yes
>
> > protocol lmtp {
>
> >   hostname = thetradinghall.com
>
> >   postmaster_address = postmaster at thetradinghall.com
>
> > }
>
> >
>
> >
>
> --
>
>   Christian Kivalo
>
>

dovecot - Oct 2016 - SSL error

SSL error

SSL error

SSL error