James Brown
2018-Nov-13 03:28 UTC
New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
I?m setting up Dovecot using Homebrew on a new server and am getting this when I try to login via IMAP: Nov 13 14:13:35 auth: Debug: auth client connected (pid=30719) Nov 13 14:13:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<gM0HNIN6HtoAAAAAAAAAAAAAAAAAAAAB> Nov 13 14:18:33 auth: Debug: Loading modules from directory: /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth Nov 13 14:18:33 auth: Debug: Module loaded: /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth/lib20_auth_var_expand_crypt.so Nov 13 14:18:33 auth: Debug: Read auth token secret from /usr/local/var/run/dovecot/auth-token-secret.dat Nov 13 14:18:33 auth: Debug: auth client connected (pid=30848) Nov 13 14:18:33 imap-login: Error: Failed to initialize SSL server context: Couldn't parse DH parameters: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS: user=<>, rip=::1, lip=::1, secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB> Nov 13 14:18:33 imap-login: Info: Disconnected: TLS initialization failed. (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB> I?ve used: Openssl gendh 2048 And put the output: -----BEGIN DH PARAMETERS----- MIIBCAKCAQEA0IF7kQX32IJFm/5HEVwYf7Be4G9iY86MvLiFLL3wHGqcPT3EMsIv YSe5XOT0Q7DGXPOZ+DLlJq8KDHxWKNI6j/0ZaRBrF38CWj8Jqxa8pqo9FVSWj45b JwSLqBSoBIEFWibqSE6L8wlV8xjMsB34xLHduJDNbaBzsooN749CopTkmkuGeXKH waOEbDzlOq+qHEa4bjx2/e/TnPj0kCrMnfeU4QILo1rJwuN4nY6k7fGwgEDVa2hE oOrVfJxxxxxxxxxyyyyyuuuixxxxblahblahblahhhkkkkkkkkkkkkXCGsxhlDQO QmzOhHqPovzbBByO9iR5fu3xbNm9YRxPowIBAg=-----END DH PARAMETERS?? Into a file dh.pem and then added ssl_dh=/usr/local/etc/dovecot/dh.pem To my dovecot.conf file. Reloaded Dovecot but still get the same error. Any suggestions? macOS 10.13.6, Dovecot 2.3.2.1 Any suggestions? Thanks, James. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20181113/b1e2463b/attachment-0001.html>
Michael A. Peters
2018-Nov-13 03:43 UTC
New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
try openssl dhparam -out /usr/local/etc/dovecot/dh.pem 2048 On 11/12/2018 07:28 PM, James Brown wrote:> I?m setting up Dovecot using Homebrew on a new server and am getting > this when I try to login via IMAP: > > Nov 13 14:13:35 auth: Debug: auth client connected (pid=30719) > Nov 13 14:13:35 imap-login: Info: Aborted login (no auth attempts in 0 > secs): user=<>, rip=::1, lip=::1, secured, > session=<gM0HNIN6HtoAAAAAAAAAAAAAAAAAAAAB> > Nov 13 14:18:33 auth: Debug: Loading modules from directory: > /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth > Nov 13 14:18:33 auth: Debug: Module loaded: > /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth/lib20_auth_var_expand_crypt.so > Nov 13 14:18:33 auth: Debug: Read auth token secret from > /usr/local/var/run/dovecot/auth-token-secret.dat > Nov 13 14:18:33 auth: Debug: auth client connected (pid=30848) > Nov 13 14:18:33 imap-login: Error: Failed to initialize SSL server > context: Couldn't parse DH parameters: error:0906D06C:PEM > routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS: user=<>, > rip=::1, lip=::1, secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB> > Nov 13 14:18:33 imap-login: Info: Disconnected: TLS initialization > failed. (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, > secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB> > > I?ve used: > > Openssl gendh 2048 > > And put the output: > > -----BEGIN DH PARAMETERS----- > MIIBCAKCAQEA0IF7kQX32IJFm/5HEVwYf7Be4G9iY86MvLiFLL3wHGqcPT3EMsIv > YSe5XOT0Q7DGXPOZ+DLlJq8KDHxWKNI6j/0ZaRBrF38CWj8Jqxa8pqo9FVSWj45b > JwSLqBSoBIEFWibqSE6L8wlV8xjMsB34xLHduJDNbaBzsooN749CopTkmkuGeXKH > waOEbDzlOq+qHEa4bjx2/e/TnPj0kCrMnfeU4QILo1rJwuN4nY6k7fGwgEDVa2hE > oOrVfJxxxxxxxxxyyyyyuuuixxxxblahblahblahhhkkkkkkkkkkkkXCGsxhlDQO > QmzOhHqPovzbBByO9iR5fu3xbNm9YRxPowIBAg=> -----END DH PARAMETERS?? > > Into a file dh.pem and then added > > ssl_dh=/usr/local/etc/dovecot/dh.pem > > To my dovecot.conf file. > > Reloaded Dovecot but still get the same?error. > > Any suggestions? > > macOS 10.13.6, Dovecot 2.3.2.1 > > Any suggestions? > > Thanks, > > James.
James Brown
2018-Nov-13 04:00 UTC
New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
> On 11/12/2018 07:28 PM, James Brown wrote: >> I?m setting up Dovecot using Homebrew on a new server and am getting this when I try to login via IMAP: >> Nov 13 14:13:35 auth: Debug: auth client connected (pid=30719) >> Nov 13 14:13:35 imap-login: Info: Aborted login (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<gM0HNIN6HtoAAAAAAAAAAAAAAAAAAAAB> >> Nov 13 14:18:33 auth: Debug: Loading modules from directory: /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth >> Nov 13 14:18:33 auth: Debug: Module loaded: /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth/lib20_auth_var_expand_crypt.so >> Nov 13 14:18:33 auth: Debug: Read auth token secret from /usr/local/var/run/dovecot/auth-token-secret.dat >> Nov 13 14:18:33 auth: Debug: auth client connected (pid=30848) >> Nov 13 14:18:33 imap-login: Error: Failed to initialize SSL server context: Couldn't parse DH parameters: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS: user=<>, rip=::1, lip=::1, secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB> >> Nov 13 14:18:33 imap-login: Info: Disconnected: TLS initialization failed. (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB> >> I?ve used: >> Openssl gendh 2048 >> And put the output: >> -----BEGIN DH PARAMETERS----- >> MIIBCAKCAQEA0IF7kQX32IJFm/5HEVwYf7Be4G9iY86MvLiFLL3wHGqcPT3EMsIv >> YSe5XOT0Q7DGXPOZ+DLlJq8KDHxWKNI6j/0ZaRBrF38CWj8Jqxa8pqo9FVSWj45b >> JwSLqBSoBIEFWibqSE6L8wlV8xjMsB34xLHduJDNbaBzsooN749CopTkmkuGeXKH >> waOEbDzlOq+qHEa4bjx2/e/TnPj0kCrMnfeU4QILo1rJwuN4nY6k7fGwgEDVa2hE >> oOrVfJxxxxxxxxxyyyyyuuuixxxxblahblahblahhhkkkkkkkkkkkkXCGsxhlDQO >> QmzOhHqPovzbBByO9iR5fu3xbNm9YRxPowIBAg=>> -----END DH PARAMETERS?? >> Into a file dh.pem and then added >> ssl_dh=/usr/local/etc/dovecot/dh.pem >> To my dovecot.conf file. >> Reloaded Dovecot but still get the same error. >> Any suggestions? >> macOS 10.13.6, Dovecot 2.3.2.1 >> Any suggestions? >> Thanks, >> James. > > > On 13 Nov 2018, at 2:43 pm, Michael A. Peters <mpeters at domblogger.net> wrote: > > try > > openssl dhparam -out /usr/local/etc/dovecot/dh.pem 2048Thanks Michael. Gave that a go, and it successfully created the file, I reloaded Dovecot, but still get the same error. James.
Markus Schönhaber
2018-Nov-13 07:17 UTC
New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
James Brown, Tue, 13 Nov 2018 14:28:47 +1100:> I?ve used: > > Openssl gendh 2048 > > And put the output:[...]> > Into a file dh.pem and then added > > ssl_dh=/usr/local/etc/dovecot/dh.pemTry ssl_dh=</usr/local/etc/dovecot/dh.pem -- Regards mks
Seemingly Similar Threads
- New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
- New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
- [Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group
- [Bug 2303] New: ssh (and perhaps even sshd) should allow to specify the minimum DH group sizes for DH GEX
- [Bug 2302] with DH-GEX, ssh (and sshd) should not fall back to unconfigured DH groups or at least document this behaviour and use a stronger group