Displaying 5 results from an estimated 5 matches for "default_conf".
2020 Aug 25
2
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
I've
dovecot --version
2.3.10.1 (a3d0e1171)
openssl version
OpenSSL 1.1.1g FIPS 21 Apr 2020
, atm on Fedora32.
I configure
/etc/pki/tls/openssl.cnf
to set preferences for apps' usage, e.g. Postfix etc; Typically, here
cat /etc/pki/tls/openssl.cnf
openssl_conf = default_conf
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.2
Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
CipherString = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20...
2020 Oct 16
2
Dovecot won't accept IMAP TLS 1 connections from older devices [SOLVED]
...ices.? You'll need to make your on decision on that score.
The file to change is (on Ubuntu, at least) /usr/lib/ssl/openssl.cnf.?
The change consists of adding a line of code in the initial section that
invokes several new sections later:
In the initial section I added:
??? openssl_conf = default_conf
Then at the bottom of the file I added:
??? [default_conf]
??? ssl_conf = ssl_sect
??? [ssl_sect]
??? system_default = system_default_sect
??? [system_default_sect]
??? MinProtocol = TLSv1
??? CipherString = DEFAULT at SECLEVEL=1
There is an alternative approach that I have read of but...
2020 Sep 22
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
...openssl version
> OpenSSL 1.1.1g FIPS 21 Apr 2020
>
> , atm on Fedora32.
>
> I configure
>
> /etc/pki/tls/openssl.cnf
>
> to set preferences for apps' usage, e.g. Postfix etc; Typically, here
>
> cat /etc/pki/tls/openssl.cnf
>
> openssl_conf = default_conf
>
> [default_conf]
> ssl_conf = ssl_sect
>
> [ssl_sect]
> system_default = system_default_sect
>
> [system_default_sect]
> MinProtocol = TLSv1.2
> Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
> CipherSt...
2020 Sep 22
3
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
...>
> > , atm on Fedora32.
> >
> > I configure
> >
> > /etc/pki/tls/openssl.cnf
> >
> > to set preferences for apps' usage, e.g. Postfix etc; Typically, here
> >
> > cat /etc/pki/tls/openssl.cnf
> >
> > openssl_conf = default_conf
> >
> > [default_conf]
> > ssl_conf = ssl_sect
> >
> > [ssl_sect]
> > system_default = system_default_sect
> >
> > [system_default_sect]
> > MinProtocol = TLSv1.2
> > Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256...
2020 Sep 23
2
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
> On 22/09/2020 21:00 PGNet Dev <pgnet.dev at gmail.com> wrote:
>
>
> On 9/22/20 10:51 AM, Aki Tuomi wrote:
> >>>
> >
> > Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue.
>
> I've NO issue with that config/setting with any _other_ app -- whether in general