search for: gandica2

...9:52, vous ?criviez : > Please keep responses in list. rm -f > /var/lib/dovecot/ssl-parameters.dat, i think it was in that dir. > On 2017-02-03 17:00, Thierry wrote: >> Hi, >> >> I have removed the '<' : >> >> ssl_client_ca_file = /etc/ssl/certs/GandiCA2.pem >> >> But now: >> >> doveadm: Error: Corrupted SSL parameters file in state_dir: ssl-parameters.dat - disabling SSL 360 >> doveadm: Error: Couldn't initialize SSL parameters, disabling SSL >> doveadm: Error: Corrupted SSL parameters file in state_dir: ssl...

Hi, I have made change: ssl_protocols = !SSLv2 !SSLv3 ssl = required verbose_ssl = no ssl_key = </etc/ssl/private/private.key ssl_cert = </etc/ssl/certs/key.crt ssl_client_ca_file = </etc/ssl/certs/GandiCA2.pem # Create a listener for doveadm-server service doveadm { user = vmail inet_listener { port = 12345 ssl= yes } } and doveadm_port = 12345 // mail_replica = tcps:server2.domain.ltd # use doveadm_port And now: Feb 03 14:11:16 doveadm(user1 at domain.ltd): Error: sync: Couldn...

...hronisation > works with ssl disabled? This dovecot is working well with my email client and web mail interface, I would prefer not to start playing with this config file ... > - Did you verify your certificate files (e.g., "openssl verify -verbose > -CAfile /etc/ssl/certs/GandiCA2.pem /etc/ssl/certs/key.crt")? yes: openssl verify -verbose -CAfile /etc/ssl/certs/GandiCA2.pem /etc/ssl/certs/key.crt /etc/ssl/certs/key.crt: OK > Personally, I prefer to use a single, specialised tool to manage > certificates/encryption (which in my case is stunnel); all other &g...

...is open/forwarded and actually /used/ by dovecot (e.g., use "netstat -tulpn|grep dovecot")? - Did you retrace your steps and have you verified that synchronisation works with ssl disabled? - Did you verify your certificate files (e.g., "openssl verify -verbose -CAfile /etc/ssl/certs/GandiCA2.pem /etc/ssl/certs/key.crt")? Personally, I prefer to use a single, specialised tool to manage certificates/encryption (which in my case is stunnel); all other programs are set up using (link-)local ip addresses only. If everything but encryption works with your setup, this might be a possibl...

Please keep responses in list. rm -f /var/lib/dovecot/ssl-parameters.dat, i think it was in that dir. On 2017-02-03 17:00, Thierry wrote: > Hi, > > I have removed the '<' : > > ssl_client_ca_file = /etc/ssl/certs/GandiCA2.pem > > But now: > > doveadm: Error: Corrupted SSL parameters file in state_dir: ssl-parameters.dat - disabling SSL 360 > doveadm: Error: Couldn't initialize SSL parameters, disabling SSL > doveadm: Error: Corrupted SSL parameters file in state_dir: ssl-parameters.dat - disabl...

Hello, Still working with my dsync pb. I have done a clone (vmware) of my email server. Today I have two strictly identical emails servers (server1 (main) and server2 (bck) (except IP, hostname and mail_replica). The ssl config on my both server: ssl_protocols = !SSLv2 !SSLv3 ssl = required verbose_ssl = no ssl_key = </etc/ssl/private/private.key ssl_cert =