Displaying 13 results from an estimated 13 matches for "ssl_ca_dir".
2023 Jan 21
1
Different username for passdb and userdb
...users, where the mail is actually drawn from, are of the
format: user (passwd file driven).
I was able to log in with just "user", and have it both authenticate
remotely, and access local mail, using:
passdb {
driver = imap
args = host=remotehost.com ssl=imaps port=993 user=%n@%d ssl_ca_dir=/etc/ssl/certs
}
userdb {
driver = passwd
args = blocking=no
}
However, the remote SMTP server, which I will not be proxying, requires
the same user at domain format for usernames. I would rather not ask
users to use "user at domain" for SMTP, and "user" for IMAP.
They s...
2017 May 31
2
Bug with 2.2.29-1~auto+25 back to haunt me
...Hindenburgdamm 30 | D-12203 Berlin
> Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
> ralf.hildebrandt at charite.de | https://www.charite.de
>
Hi.
passdb imap was changed to verify remote SSL cert by default (yeah, it kinda didn't do this before). It requires a ssl_ca_file or ssl_ca_dir setting in args. Or you can disable this behaviour with allow_invalid_cert.
Aki
2017 Jan 06
1
Auth-policy: auth_policy_server_url and https support
...certs without trusted CAs (ssl_client_ca_* settings)
and in version 2.3.devel
Policy server HTTP error: 9002 Requested https connection, but no SSL settings given
dovecot.conf does have ?ssl_client_ca_dir = /etc/ssl/certs? set.
Looking around the source, http-client-settings are not given the ssl_ca_dir or ssl_ca_file setting from the config.
Admittedly SSL tear up/down is little expensive per auth, but I think it maybe it should still work?
2017 May 31
2
Bug with 2.2.29-1~auto+25 back to haunt me
After upgrading from 2.2.28-1~auto+45 to 2.2.29-1~auto+25 I'm gettings
this:
May 31 16:44:31 mproxy dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting
May 31 16:44:31 mproxy dovecot: master: Error: service(auth): command startup failed, throttling for 8 secs
May 31 16:44:31 mproxy dovecot: imap-login: Disconnected: Auth process broken (disconnected before auth was ready, waited 2 secs): user=<>, rip=141.42.206.36, lip...
2020 Oct 27
2
imapc_port not working
...t;
> I have solved the port problem by specifying it in the passdb section as userdb_imapc_port=993
>
> But:
> This is in the error log when I make a connection from the client:
>
> Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting
> Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
>
>
> On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote:
>
>
>
> xxxx at imapproxy...
2020 Oct 27
3
imapc_port not working
...namespace/gmail/subscriptions=no userdb_namespace/gmail/separator=. userdb_namespace/gmail/prefix=INBOX.gmail. userdb_namespace/gmail/location=imapc: userdb_imapc_host=imap.gmail.com userdb_imapc_user=xxxx at gmail.com userdb_imapc_password=#hidden_use-P_to_show# userdb_imapc_ssl=imaps userdb_imapc_ssl_ca_dir=/etc/ssl/certs userdb_imapc_port=993? driver = imap}plugin {? sieve = file:~/sieve;active=~/.dovecot.sieve}protocols = " imap"ssl_cert = </etc/dovecot/private/dovecot.pemssl_client_ca_dir = /etc/ssl/certsssl_dh = # hidden, use -P to show itssl_key = # hidden, use -P to show ituserdb {?...
2020 Oct 27
2
imapc_port not working
...e port problem by specifying it in the passdb section as userdb_imapc_port=993
> >
> > But:
> > This is in the error log when I make a connection from the client:
> >
> > Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting
> > Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
> >
> >
> > On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote:
> >
> >...
2017 Jun 01
0
Bug with 2.2.29-1~auto+25 back to haunt me
...> Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
> > ralf.hildebrandt at charite.de | https://www.charite.de
> >
>
> Hi.
>
> passdb imap was changed to verify remote SSL cert by default (yeah, it
> kinda didn't do this before). It requires a ssl_ca_file or ssl_ca_dir
> setting in args. Or you can disable this behaviour with
> allow_invalid_cert.
I did specify "ssl_ca_file", but then dovecot said "ssl_ca_file has been replaced by ssl_ca = <file" -- so I used that and it wouldn't work
either!
--
Ralf Hildebrandt
Gesch?ftsbere...
2020 Oct 27
0
imapc_port not working
I have solved the port problem by specifying it in the passdb section as userdb_imapc_port=993
But:This is in the error log when I make a connection from the client:
Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file settingOct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote:
xxxx at imapproxy01:/etc/dovecot/conf.d$ dovecot -n...
2013 May 16
1
quota with imapc
...ail server?
I am attaching my conf
## Dovecot configuration file in
mail_uid = imapproxy
mail_gid = imapproxy
mail_home = /home/imapproxy/%u
mail_location = imapc:~/imapc
protocols = imap
##
## imapc settings
##
imapc_host = mailserver.example.com
imapc_port = 143
imapc_ssl = starttls
imapc_ssl_ca_dir = /etc/postfix/certs
##
## auth settings
##
auth_mechanisms = plain login
passdb {
driver = imap
args = host=mailserver.example.com ssl=starttls
ssl_ca_dir=/etc/postfix/certs
default_fields = userdb_imapc_user=%u userdb_imapc_password=%w
ssl=starttls
}
userdb {
driver = prefetch
}
mail...
2020 Oct 27
0
imapc_port not working
...t;
> I have solved the port problem by specifying it in the passdb section as userdb_imapc_port=993
>
> But:
> This is in the error log when I make a connection from the client:
>
> Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting
> Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
>
>
> On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote:
>
>
>
> xxxx at imapproxy...
2017 Jun 02
2
Bug with 2.2.29-1~auto+25 back to haunt me
...x: +49 30 450 570 962
> > > ralf.hildebrandt at charite.de | https://www.charite.de
> > >
> >
> > Hi.
> >
> > passdb imap was changed to verify remote SSL cert by default (yeah, it
> > kinda didn't do this before). It requires a ssl_ca_file or ssl_ca_dir
> > setting in args. Or you can disable this behaviour with
> > allow_invalid_cert.
>
> I did specify "ssl_ca_file", but then dovecot said "ssl_ca_file has been replaced by ssl_ca = <file" -- so I used that and it wouldn't work
> either!
>
> -...
2020 Oct 27
0
imapc_port not working
...e port problem by specifying it in the passdb section as userdb_imapc_port=993
> >
> > But:
> > This is in the error log when I make a connection from the client:
> >
> > Oct 27 08:49:16 imapproxy01 dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting
> > Oct 27 08:49:16 imapproxy01 dovecot: master: Error: service(auth): command startup failed, throttling for 2 secs
> >
> >
> > On Tuesday, 27 October 2020, 09:48:49 pm NZDT, David Tildesley <davotnz at yahoo.co.nz> wrote:
> >
> >...