Displaying 20 results from an estimated 42 matches for "ssl_client_key".
2020 Jul 19
2
submission proxy -- where to config/present client cert?
?I've a dovecot instance setup with submission proxy,
protocols = imap lmtp submission sieve
hostname = internal.mx.example.com
submission_relay_host = internal.mx.example.com
submission_relay_port = 465
submission_relay_trusted = yes
submission_relay_ssl = smtps
submission_relay_ssl_verify = yes
service submission-login {
inet_listener submission {
address = 10.2.2.10,
2015 Feb 12
2
Dovecot dsync not replicating ".dovecot.sieve -> .sieve/managesieve.sieve" / setactive
...M:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
ssl_client_ca_file = /etc/ipa/ca.crt
ssl_client_cert = </etc/pki/tls/certs/dovecot.pem
ssl_client_key = </etc/pki/tls/private/dovecot.key
ssl_key = </etc/pki/tls/private/dovecot.key
ssl_parameters_regenerate = 1 weeks
ssl_prefer_server_ciphers = yes
ssl_protocols = !SSLv2 !SSLv3
userdb {
args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
driver = ldap
override_fields = gid=vmail home=/...
2015 Feb 12
0
Dovecot dsync not replicating ".dovecot.sieve -> .sieve/managesieve.sieve" / setactive
...A384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
> ssl_client_ca_file = /etc/ipa/ca.crt
> ssl_client_cert = </etc/pki/tls/certs/dovecot.pem
> ssl_client_key = </etc/pki/tls/private/dovecot.key
> ssl_key = </etc/pki/tls/private/dovecot.key
> ssl_parameters_regenerate = 1 weeks
> ssl_prefer_server_ciphers = yes
> ssl_protocols = !SSLv2 !SSLv3
> userdb {
> args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
> driver = ldap
>...
2011 Dec 22
1
proxying, SSL, and client certificate
How do I configure dovecot-2.0.x to present a client SSL certificate when proxying?
If dovecot on server1.example.com has:
passdb {
driver = static
args = proxy=y host=server2.example.com nopassword=y ssl=yes
}
and dovecot on server2.example.com has:
ssl_verify_client_cert = yes
auth_ssl_require_client_cert = yes
then when a client connects to server1 and authenticates, a connection is
2019 Sep 04
2
Different passdb backends for different services
...e = 0600
user = vmail
}
user = vmail
}
ssl_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH
ssl_client_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
ssl_client_key = # hidden, use -P to show it
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
submission_client_workarounds = whitespace-before-path
submission_relay_host = mail.roessner-net.de
submission_relay_port = 5870
submis...
2012 Aug 31
1
New log entries with 2.0.19?
...ogin/ssl-params {
group =
mode = 0666
user =
}
user =
vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca =
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_key = </etc/ssl/private/dovecot.pem
ssl_key_password =
ssl_parameters_regenerate = 168
ssl_verify_client_cert = no
submission_host =
syslog_facility = mail
userdb {
args =
driver = passwd
}
valid_chroot_dirs =
verbose_proctitle = no
verbose_ssl = no
version_ignore = no
protocol imap...
2013 Oct 07
2
Proxy to gmail not working
...ed
ssl_ca = </etc/pki/tls/certs/ca-bundle.crt
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_cipher_list =
EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:HIGH:!aNULL:!eNULL:!EXP:!MD5:!LOW:!SSLv2
ssl_client_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_client_key = </etc/pki/dovecot/private/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
args = static uid=10000 gid=10000 home=/dev/null
driver = static
}
verbose_ssl = yes
version_ignore = yes
Oct 7 09:32:51 dserver dovecot: pop3-login: Debug: SSL: where=0x10, ret=1:
before/...
2019 Sep 04
3
Different passdb backends for different services
> On 4 Sep 2019, at 16.38, R.N.S. via dovecot <dovecot at dovecot.org> wrote:
>>
>> passdb {
>> args = /etc/dovecot/master-users
>> driver = passwd-file
>> master = yes
>> pass = yes
>> }
>> passdb {
>> args = /etc/dovecot/dovecot-ldap.conf.ext
>> driver = ldap
>> }
>>
...
>> protocol sieve {
>> passdb
2019 Sep 04
0
Different passdb backends for different services
...> user = vmail
> }
> ssl_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
> ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH
> ssl_client_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
> ssl_client_key = # hidden, use -P to show it
> ssl_dh = # hidden, use -P to show it
> ssl_key = # hidden, use -P to show it
> ssl_min_protocol = TLSv1.2
> ssl_prefer_server_ciphers = yes
> submission_client_workarounds = whitespace-before-path
> submission_relay_host = mail.roessner-net.de
>...
2020 Jul 23
2
dsync fails for existing user: "Error: Failed to initialize user: Namespace '': Mailbox list driver imapc: missing imapc_password" ?
...CHRES SORT THREAD=ORDEREDSUBJECT UIDPLUS UNSELECT WITHIN XLIST] LOGIN completed
atm, my dovecot config includes the following, matching the ssl config above,
ssl_client_ca_file = /sec/vmail/CA.crt.pem
ssl_client_require_valid_cert = yes
ssl_client_cert = < /sec/vmail/client.EC.crt.pem
ssl_client_key = < /sec/vmail/client.EC.key.pem
protocol doveadm {
mail_plugins = virtual
}
imapc_host = remote-imap.example.com
imapc_features = rfc822.size
imapc_features = $imapc_features fetch-headers
mail_prefetch_count = 20
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
dsync_...
2012 Jun 14
1
disable_plaintext_auth = no as no effect on IMAP/POP3 logins
...mode = 0600
user =
}
user = $default_internal_user
vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = required
ssl_ca =
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_crypto_device =
ssl_key = </etc/pki/dovecot/private/dovecot.pem
ssl_key_password =
ssl_parameters_regenerate = 1 weeks
ssl_protocols = !SSLv2
ssl_verify_client_cert = no
stats_command_min_time = 1 mins
stats_domain_min_time = 12 hours
stats_ip_min_time = 12 hours
stats_memory_limit = 16 M...
2019 Sep 04
0
Different passdb backends for different services
...e = 0600
user = vmail
}
user = vmail
}
ssl_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH
ssl_client_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
ssl_client_key = # hidden, use -P to show it
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
submission_client_workarounds = whitespace-before-path
submission_relay_host = mail.roessner-net.de
submission_relay_port = 5870
submis...
2014 Jan 24
1
outlook will not sync
...gin/ssl-params {
group =
mode = 0666
user =
}
user =
vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca =
ssl_cert = </var/qmail/control/servercert.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_key = </var/qmail/control/servercert.pem
ssl_key_password =
ssl_parameters_regenerate = 168
ssl_verify_client_cert = no
submission_host =
syslog_facility = mail
userdb {
args = cache_key=%u quota_template=quota_rule=*:backend=%q
driver = vpopmail
}
valid_chroot_dirs =
verbose_auth = no...
2019 Aug 28
2
LMTP Post login script for acl_groups
...mode = 0600
user = vmail
}
user = vmail
}
ssl_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
ssl_cipher_list = ALL:!DH:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW at STRENGTH
ssl_client_cert = </etc/ssl/mail.roessner-net.de/cert/fullchain.pem
ssl_client_key = # hidden, use -P to show it
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
ssl_min_protocol = TLSv1.2
ssl_prefer_server_ciphers = yes
submission_client_workarounds = whitespace-before-path
submission_relay_host = mail.roessner-net.de
submission_relay_port = 5870
submis...
2017 Feb 09
1
dovecot logout issues
...$default_internal_user
vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca =
ssl_cert = </var/qmail/control/servercert.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_ca_dir =
ssl_client_ca_file =
ssl_client_cert =
ssl_client_key =
ssl_crypto_device =
ssl_dh_parameters_length = 2048
ssl_key = </var/qmail/control/servercert.pem
ssl_key_password =
ssl_parameters_regenerate = 0
ssl_prefer_server_ciphers = no
ssl_protocols = !SSLv2
ssl_require_crl = yes
ssl_verify_client_cert = no
state_dir = /var/lib/dovecot
stats_comman...
2019 Sep 03
2
Different passdb backends for different services
> Am 03.09.2019 um 10:54 schrieb Sami Ketola via dovecot <dovecot at dovecot.org>:
>
>
>
>> On 3 Sep 2019, at 11.07, R.N.S. via dovecot <dovecot at dovecot.org> wrote:
>>
>> Hi,
>>
>> as Dovecot supports submission, which is the sending direction, I am interested to know, if I can configure a separate passdb backend just for submission.
2012 Aug 07
4
pop3 proxying error
...xx
port = 110
}
inet_listener pop3s {
address = aa.aa.aa.aa yy.yyy.yy.yy xx.xx.xx.xx
port = 995
}
service_count = 0
}
ssl_ca = </etc/dovecot/ca-bundle.crt
ssl_cert = </etc/dovecot/imap.xxx.certchained2.pem
ssl_client_cert = </etc/dovecot/imap.xxx.certchained2.pem
ssl_client_key = </etc/dovecot/imap.xxx.key.pem
ssl_key = </etc/dovecot/imap.xxx.key.pem
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
protocol imap {
imap_client_workarounds = delay-newmail
imap_max_line_length = 64 k
mail_max_userip_connections = 10
}
protocol pop3 {
pop3_...
2015 Mar 26
1
Error: open() failed with file /var/vmail/... Too many open files
...ogin/ssl-params {
group =
mode = 0666
user =
}
user =
vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca =
ssl_cert = </etc/dovecot/ssl/mx_atisa_es.crt
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_key = </etc/dovecot/ssl/mx_atisa_es.key
ssl_key_password =
ssl_parameters_regenerate = 168
ssl_protocols = !SSLv2
ssl_verify_client_cert = no
submission_host =
syslog_facility = mail
userdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
valid_chroot_dirs =
verbose_proctitle = n...
2012 Dec 18
6
dovecot index errors since 2.1.12
Hi,
After upgrading to dovecot 2.1.12, I see a lot of these errors:
# 2.1.12: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-279.14.1.el6.x86_64 x86_64 CentOS release 6.3 (Final)
# Filesystem: ext4 with mdbox storage
Dec 10 15:21:04 mail dovecot: imap(user at example.org): Error: Cached
message size smaller than expected (5010 < 8192)
Dec 10 15:21:04 mail dovecot: imap(user at example.org):
2013 Apr 18
1
Multiple Logins on same accounts from different stations
...protocol =
service_count = 0
type =
user = $default_internal_user
vsz_limit = 18446744073709551615 B
}
shutdown_clients = yes
ssl = yes
ssl_ca =
ssl_cert = </etc/dovecot/dovecot.pem
ssl_cert_username_field = commonName
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL
ssl_client_cert =
ssl_client_key =
ssl_crypto_device =
ssl_key = </etc/dovecot/private/dovecot.pem
ssl_key_password =
ssl_parameters_regenerate = 1 weeks
ssl_protocols = !SSLv2
ssl_require_crl = yes
ssl_verify_client_cert = no
stats_command_min_time = 1 mins
stats_domain_min_time = 12 hours
stats_ip_min_time = 12 hours
stats...