search for: ssl_cert_file

I'm running 1.0rc23 on FreeBSD 6.2-RELEASE, and seeing the following: Starting dovecot. Error: Can't use SSL key file /etc/ssl/private/dovecot.pem: No such file or directory In the config file I have: ssl_cert_file=/usr/local/certs/imapd.pem Looking for dovecot.pem on the config file there's only: % grep dovecot.pem dovecot.conf #ssl_cert_file = /etc/ssl/certs/dovecot.pem #ssl_key_file = /etc/ssl/private/dovecot.pem So the two entries referencing dovecot.pem are commented out. I removed those two lin...

...Server: imap.example.com And pop3, imap, smtp are alias of real.example.com When use IMAPS, user connents imap.example.com POP3S, user connents pop3.example.com But one Certification file certificates only one FQDN. For example, dovecot.conf written that protocols = imaps pop3s ssl_cert_file = /etc/ssl/certs/imap.example.com.cert.pem ssl_key_file = /etc/ssl/private/imap.example.com.key.pem # imap.example.com.cert.pem's CN is imap.example.com In this pattern. MUA such as Thunderbird warn when connect pop3s because FQDN is different. I have an simple idea in this problem. dove...

Since my old config had this: protocols = imap imaps pop3 pop3s ssl_cert_file = /usr/share/ssl/certs/imapd.pem ssl_key_file = /usr/share/ssl/certs/imapd.pem then the convert script should have added ssl = yes Just trying to document all the little issues as I find them.

I hope I'm asking this on the right list, in the right place. I go through this every three years and for whatever reason keep forgetting to record how this works! In the Dovecot config, there are two places to define SSL certificates--ssl_cert_file and ssl_key_file. My question is this: Which two of the three files--the certifying authority, the signed certificate for the specific system, and the private certificate file--are combined to create the file that goes with ssl_cert_file? Since there are six possible permutations to answer this que...

...Courier to Dovecot (1.0.rc15) on Debian. I am trying to set up virtual servers based on the principal in this thread: http://www.dovecot.org/list/dovecot/2006-October/017165.html which suggests something like this to support multiple certificates: server foo { listen = 1.2.3.4 ssl_cert_file = /etc/ssl/certs/foo.cer } server bar { listen = 1.2.3.5 ssl_cert_file = /etc/ssl/certs/bar.cer } My virtual configs look like this: server mail.domain1.org { listen = 1.2.3.4 protocols = pop3 pop3s imap imaps ssl_cert_file = /etc/mail/hosts/domain1....

...ion file is pretty basic so maybe someone can point out where I'm going wrong. I stripped out the few comments and unrelated settings. #listen = * disable_plaintext_auth = no ssl_ca_file = myca.crt protocol lda { postmaster_address = postmaster at example.com } server a1 { protocols = pop3 ssl_cert_file = a1.crt ssl_key_file = a1.key listen = 1.0.0.2:110 1.0.0.2:111 auth default { mechanisms = plain passdb pam { } userdb passwd { }}} server a2 { protocols = pop3s ssl_cert_file = a1.crt ssl_key_file = a1.key listen = 1.0.0.2:995 auth default { mechanisms = plain passdb p...

...a way to resolve this? I read something about using virtual servers but all I could find is this in a post somewhere - I don't know which file it goes, where in that file etc: <snip> 1.0-tests support "virtual servers", where this is possible: server foo { listen = 1.2.3.4 ssl_cert_file = /etc/ssl/certs/foo.cer } server bar { listen = 1.2.3.5 ssl_cert_file = /etc/ssl/certs/bar.cer } </snip> Can anyone help me figure this out? (PS - I can't just set up my own IMAP web interface because I can't run anything on port 80 with my ISP and I can't get out of our c...

...s that process is underway)? For instance, a recipe to sniff the text of the interchange? Final question: Any other information I can provide that might help debug this? Thanks, <mike dovecot info: bhuda# dovecot --version 1.0.5 bhuda# dovecot -n # 1.0.5: /usr/opt/etc/dovecot.conf ssl_cert_file: /usr/local/etc/openvpn/server.crt ssl_key_file: /usr/local/etc/openvpn/server.key login_dir: /var/run/dovecot/login login_executable: /usr/opt/libexec/dovecot/imap-login verbose_proctitle: yes first_valid_gid: 0 mail_extra_groups: mail mail_location: maildir:~/mailboxes imap_client_workarounds: de...

...* listen(managesieve): * ssl_listen(default): *:993,[::]:993 ssl_listen(imap): *:993,[::]:993 ssl_listen(pop3): *:2221,[::]:2221 ssl_listen(managesieve): ssl_ca_file(default): /etc/dovecot/ca.crt ssl_ca_file(imap): /etc/dovecot/ca.crt ssl_ca_file(pop3): /etc/dovecot/ca.crt ssl_ca_file(managesieve): ssl_cert_file(default): /etc/dovecot/ufsc.br.crt ssl_cert_file(imap): /etc/dovecot/ufsc.br.crt ssl_cert_file(pop3): /etc/dovecot/ufsc.br.crt ssl_cert_file(managesieve): /etc/ssl/certs/dovecot.pem ssl_key_file(default): /etc/dovecot/ufsc.br.key ssl_key_file(imap): /etc/dovecot/ufsc.br.key ssl_key_file(pop3): /etc...

Hello all, I'm trying to run several instances of dovecot, with a different config each one, following the instructions from here: http://wiki.dovecot.org/RunningDovecot I try the command dovecot -c /etc/dovecot/installN/dovecot.conf and get: --- Error: ssl_cert_file: Can't use /etc/ssl/certs/dovecot.pem: No such file or directory Fatal: Invalid configuration in /etc/dovecot/installN --- but in my /etc/dovecot/installN/dovecot.conf file I have these lines: ssl_cert_file = /etc/dovecot/installN/ssl/certs/dovecot.pem ssl_key_file = /etc/dovecot/installN/ss...

This is for Dovecot 1.0.rc15 from Debian Backports on 3.1 Stable, x86; Filesystems are local reiserfs; IMAPs client is KMail 1.9.5 Non-default settings in dovecot.conf: protocols = imaps ssl_cert_file = /etc/dovecot/mail.cert.pem ssl_key_file = /etc/dovecot/mail.key.pem mail_location = maildir:/var/mail/ambrosia.plus.com/%n mail_extra_groups = mail first_valid_uid = 1000 first_valid_gid = 1000 umask = 007 maildir_copy_with_hardlinks = yes To reproduce:- 1. Using your IMAP clie...

...c/ssl/ourCerts/imap.pem ssl_key = </etc/ssl/ourCerts/imap_key.pem Now, I've created new keys/certs and the CSR, got the new certs from RapidSSL (and also downloaded their Intermediate bundle), saved everything per their instructions, which say to reference them as follows: ssl = required ssl_cert_file = /etc/ssl/ourNewCerts/mail.ourdomain.com.crt ssl_key_file = /etc/ssl/ourNewCerts/mail.ourdomain.com.key ssl_ca_file = /etc/ssl/ourNewCerts/RapidSSL_Intermediate.crt But my current config doesn't have the _file for the variable names, and the wiki doesn't use them, so I'm planning on...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, occasionally Dovecot stops to accept new connections. Already existing ones do function properly. Strace'ing dovecot-auth reveals that it is running and is authentificating users, the logfile logs new connections. However, lots of other connects just stall, before the IMAP server responds with the greeting. My user backend is a LDAP

...handle old client-side settings. (See also: http://wiki.dovecot.org/Namespaces#head-0f3ab5ecab632eb517866c3508021e0605d54d4d) I have produced a slightly cut-down example configuration which demonstrates the problem: # dovecot -n # 1.1.3: /etc/dovecot/dovecot.conf protocols: imap imaps pop3 pop3s ssl_cert_file(default): /etc/ssl/certs/imap.pem ssl_cert_file(imap): /etc/ssl/certs/imap.pem ssl_cert_file(pop3): /etc/ssl/certs/pop.pem ssl_key_file(default): /etc/ssl/private/imap.key ssl_key_file(imap): /etc/ssl/private/imap.key ssl_key_file(pop3): /etc/ssl/private/pop.key disable_plaintext_auth(default): yes...

...P, expunge in INBOX, POP3 again. I also selected the mailbox Adresses once, to see if it is working. === # dovecot --version 1.0.rc26 # dovecot -n # /usr/local/dovecot.rc26/etc/dovecot.conf log_path: /var/log/dovecot/dovecot.log protocols: imap imaps pop3 pop3s ssl_ca_file: /etc/ssl/certs/ca.crt ssl_cert_file(default): /etc/ssl/certs/imap.pem ssl_cert_file(imap): /etc/ssl/certs/imap.pem ssl_cert_file(pop3): /etc/ssl/certs/pop3.pem ssl_key_file(default): /etc/ssl/private/imap.key ssl_key_file(imap): /etc/ssl/private/imap.key ssl_key_file(pop3): /etc/ssl/private/pop3.key disable_plaintext_auth: no verbose...

...key = "# char and trailing whitespace " ... #listen = * disable_plaintext_auth = no dave at mail:~$ sudo dovecot -n # 1.2.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-24-generic i686 Ubuntu 10.04.1 LTS log_timestamp: %Y-%m-%d %H:%M:%S protocols: imap pop3 imaps pop3s managesieve ssl_cert_file: /etc/ssl/certs/ssl-mail.pem ssl_key_file: /etc/ssl/private/ssl-mail.key ssl_cipher_list: ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM login_dir: /var/run/dovecot/login login_executable(default): /usr/lib/dovecot/imap-login login_executable(imap): /usr/lib/dovecot/imap-login l...

...My mail.err file is showing the following. Mar 7 17:56:04 mailserver dovecot: pop3-login: Can't load private key file /etc/ssl/mailserver/mail.mydomain.tld.key: error:0906A068:PEM routines:PEM_do_header:bad password read My dovecot.conf has the following set. # Uncomment these if using SSL ssl_cert_file = /etc/ssl/mailserver/mail.mydomain.tld.crt ssl_key_file = /etc/ssl/mailserver/mail.mydomain.tld.key #ssl_key_password = #ssl_ca_file = /etc/ssl/mailserver/ca/mydomain.pem #ssl_verify_client_cert = yes ssl_parameters_regenerate = 168 verbose_ssl = no I have been playing about with it all for about...

...to login. imap-login: Login: user=<username at example.com>. I check configuration from another server and it very same. I'm running on debian testing with config below. # 1.0.5: /etc/dovecot/dovecot.conf log_path: /var/log/dovecot.log info_log_path: /var/log/dovecot.info protocols: imap ssl_cert_file: /etc/postfix/new_chained.crt ssl_key_file: /etc/postfix/mail.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login login_greeting_capability: yes mail_location: maildir:/var/mail/store/%u dotlock_use_excl: yes maildir_copy_with_hardlinks: yes auth default: mechanism...

Hi We have a dovecot server running both pop and imap, we have pop.domain.ltd and imap.domain.ltd going to the same server, is there any possibility make dovecot use two certificates? one for pop.domain.ltd and one for imap.domain.ltd? Greetings, Lars

Hi, I'm new to dovecot, but actually planning to switch a wide WU-IMAP/POP installation to dovecot. With WU-IMAP, a different certificate can be used by pop3s and imaps, allowing both server to be reachable through different hostnames,without SSL complaints on the client side; this is mostly used for scalability. I'm trying to do the same thing with dovecot; that is having dovecot using