search for: openssl_conf

...*********************************# #| #| file : /root/apps/share/sh/create_dovecot_certificate #| #*---------------------------------------------------------------------------*# BELL="\007" DOVECOT_DIR="${DOVECOT_DIR-/var/lib/dovecot}" OPENSSL="${OPENSSL-openssl}" OPENSSL_CONF="${OPENSSL_CONF-/etc/dovecot/dovecot-openssl.cnf}" #.............................................................................# certificates_dir="${DOVECOT_DIR}/certificates" echo="/bin/echo -e" error="${BELL}%ERROR -" #*------------------------------...

...ir personal devices.? You'll need to make your on decision on that score. The file to change is (on Ubuntu, at least) /usr/lib/ssl/openssl.cnf.? The change consists of adding a line of code in the initial section that invokes several new sections later: In the initial section I added: ??? openssl_conf = default_conf Then at the bottom of the file I added: ??? [default_conf] ??? ssl_conf = ssl_sect ??? [ssl_sect] ??? system_default = system_default_sect ??? [system_default_sect] ??? MinProtocol = TLSv1 ??? CipherString = DEFAULT at SECLEVEL=1 There is an alternative approach that I ha...

Hi. I had generate a SSL cetificate. I performed following actions: mkdir /opt/LocalCA cd /opt/LocalCA mkdir certs mkdir private chmod 700 private echo '01' > serial touch index.txt cd /opt/LocalCA PATH=/opt/openssl/bin:$PATH export PATH OPENSSL_CONF=/opt/LocalCA/LocalCA.cnf export OPENSSL_CONF openssl req -x509 -newkey rsa -out cacert.pem -outform PEM -days 1825 Then made following files: /opt/LocalCA/cacert.pem # CA public certificate /opt/LocalCA/private/cakey.pem # CA private key Then i performed 2 actions: mv /opt/LocalCA/cacert.p...

I've dovecot --version 2.3.10.1 (a3d0e1171) openssl version OpenSSL 1.1.1g FIPS 21 Apr 2020 , atm on Fedora32. I configure /etc/pki/tls/openssl.cnf to set preferences for apps' usage, e.g. Postfix etc; Typically, here cat /etc/pki/tls/openssl.cnf openssl_conf = default_conf [default_conf] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] MinProtocol = TLSv1.2 Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256 CipherString = ECDHE-ECDSA-CHACHA20-POLY1305:ECD...

hi, On 10/1/20 12:21 AM, JEAN-PAUL CHAPALAIN wrote: > I had the same problem when migrating from Dovecot V2.2.36 on, Centos-7 to?Dovecot v2.3.8 on Centos-8 My report is specifically/solely about the addition/use of the Options = ServerPreference parameter. I don't see that in your configuration. Are you using it? In a config using Dovecot's submission proxy?

Hi, In my Centos-8 server, it was not necessary using "Options = ServerPreference" parameter. My openssl.conf look like that : openssl_conf = default_modules [ default_modules ] ssl_conf = ssl_module [ ssl_module ] system_default = crypto_policy [ crypto_policy ] *.include /etc/crypto-policies/back-ends/opensslcnf.config* And /etc/crypto-policies/back-ends/opensslcnf.config : CipherString = @SECLEVEL=2:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kE...

...d0e1171) > openssl version > OpenSSL 1.1.1g FIPS 21 Apr 2020 > > , atm on Fedora32. > > I configure > > /etc/pki/tls/openssl.cnf > > to set preferences for apps' usage, e.g. Postfix etc; Typically, here > > cat /etc/pki/tls/openssl.cnf > > openssl_conf = default_conf > > [default_conf] > ssl_conf = ssl_sect > > [ssl_sect] > system_default = system_default_sect > > [system_default_sect] > MinProtocol = TLSv1.2 > Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256...

...penSSH Version: 5.3p1 Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bugs at mindrot.org ReportedBy: pizza at shaftnet.org from the OPENSSL_config manpage: "OPENSSL_config() configures OpenSSL using the standard openssl.cnf configuration file name using config_name. If config_name is NULL then the default name openssl_conf will be used." ... "It is strongly recommended that all new applications call OPENSSL_config(...

...1 Apr 2020 > > > > , atm on Fedora32. > > > > I configure > > > > /etc/pki/tls/openssl.cnf > > > > to set preferences for apps' usage, e.g. Postfix etc; Typically, here > > > > cat /etc/pki/tls/openssl.cnf > > > > openssl_conf = default_conf > > > > [default_conf] > > ssl_conf = ssl_sect > > > > [ssl_sect] > > system_default = system_default_sect > > > > [system_default_sect] > > MinProtocol = TLSv1.2 > > Ciphersuites = TLS_CHACHA20_POLY1305_SHA...

> On 22/09/2020 21:00 PGNet Dev <pgnet.dev at gmail.com> wrote: > > > On 9/22/20 10:51 AM, Aki Tuomi wrote: > >>> > > > > Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue. > > I've NO issue with that config/setting with any _other_ app -- whether in general

Forwarded, because I don''t think he''s subscribed and I''m not getting an email notification in my Yahoo account. Dan -----Original Message----- From: CT [mailto:demerzel@gmail.com] Sent: Friday, February 04, 2005 4:17 PM To: Berger, Daniel Cc: win32utils-devel@rubyforge.org Subject: Re: Bug fix On Fri, 4 Feb 2005 16:53:17 -0600, Berger, Daniel