Displaying 20 results from an estimated 842 matches for "ssl_key_file".
2005 Jan 12
2
REQUEST: Different port(protocol) should be able to use a different certification.
...of real.example.com
When use IMAPS, user connents imap.example.com
POP3S, user connents pop3.example.com
But one Certification file certificates only one FQDN.
For example, dovecot.conf written that
protocols = imaps pop3s
ssl_cert_file = /etc/ssl/certs/imap.example.com.cert.pem
ssl_key_file = /etc/ssl/private/imap.example.com.key.pem
# imap.example.com.cert.pem's CN is imap.example.com
In this pattern. MUA such as Thunderbird warn when connect pop3s because
FQDN is different.
I have an simple idea in this problem.
dovecot.conf
protocols = imaps pop3s
- ssl_cert_file = /etc/...
2010 Aug 15
4
dovecot 2.0 convert script
Since my old config had this:
protocols = imap imaps pop3 pop3s
ssl_cert_file = /usr/share/ssl/certs/imapd.pem
ssl_key_file = /usr/share/ssl/certs/imapd.pem
then the convert script should have added
ssl = yes
Just trying to document all the little issues as I find them.
2007 Feb 26
2
Certs file
...ror: Can't use SSL key file /etc/ssl/private/dovecot.pem: No such
file or directory
In the config file I have:
ssl_cert_file=/usr/local/certs/imapd.pem
Looking for dovecot.pem on the config file there's only:
% grep dovecot.pem dovecot.conf
#ssl_cert_file = /etc/ssl/certs/dovecot.pem
#ssl_key_file = /etc/ssl/private/dovecot.pem
So the two entries referencing dovecot.pem are commented out. I
removed those two lines anyway, just in case, but it didn't make a
difference.
What am I missing? I'd love to include the output of 'dovecot -n' but...
% dovecot -n
# /usr/local/etc...
2009 Oct 06
1
dovecot 1.2.5 - can't create auth listener
...so maybe someone can point out where
I'm going wrong. I stripped out the few comments and unrelated settings.
#listen = *
disable_plaintext_auth = no
ssl_ca_file = myca.crt
protocol lda {
postmaster_address = postmaster at example.com
}
server a1 {
protocols = pop3
ssl_cert_file = a1.crt
ssl_key_file = a1.key
listen = 1.0.0.2:110 1.0.0.2:111
auth default {
mechanisms = plain
passdb pam {
}
userdb passwd {
}}}
server a2 {
protocols = pop3s
ssl_cert_file = a1.crt
ssl_key_file = a1.key
listen = 1.0.0.2:995
auth default {
mechanisms = plain
passdb pam {
}
userdb pas...
2007 Oct 14
1
iPhone 1.1.1 problems.
...pe to sniff the text of the interchange?
Final question: Any other information I can provide that might help
debug this?
Thanks,
<mike
dovecot info:
bhuda# dovecot --version
1.0.5
bhuda# dovecot -n
# 1.0.5: /usr/opt/etc/dovecot.conf
ssl_cert_file: /usr/local/etc/openvpn/server.crt
ssl_key_file: /usr/local/etc/openvpn/server.key
login_dir: /var/run/dovecot/login
login_executable: /usr/opt/libexec/dovecot/imap-login
verbose_proctitle: yes
first_valid_gid: 0
mail_extra_groups: mail
mail_location: maildir:~/mailboxes
imap_client_workarounds: delay-newmail outlook-idle netscape-eoh tb-extra-m...
2013 Dec 05
1
Syslog debug messages
...ssl_ca_file(imap): /etc/dovecot/ca.crt
ssl_ca_file(pop3): /etc/dovecot/ca.crt
ssl_ca_file(managesieve):
ssl_cert_file(default): /etc/dovecot/ufsc.br.crt
ssl_cert_file(imap): /etc/dovecot/ufsc.br.crt
ssl_cert_file(pop3): /etc/dovecot/ufsc.br.crt
ssl_cert_file(managesieve): /etc/ssl/certs/dovecot.pem
ssl_key_file(default): /etc/dovecot/ufsc.br.key
ssl_key_file(imap): /etc/dovecot/ufsc.br.key
ssl_key_file(pop3): /etc/dovecot/ufsc.br.key
ssl_key_file(managesieve): /etc/ssl/private/dovecot.pem
disable_plaintext_auth: no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
lo...
2014 Feb 06
3
dovecot -n FATAL
Hi List,
Im new to postfix-dovecot and im mystified by the following results in
ubuntu 10.04lts
:~$ dovecot -n
# 1.2.9: /etc/dovecot/dovecot.conf
Error: ssl_key_file: Can't use /etc/ssl/private/ssl-mail.key: Permission
denied
Fatal: Invalid configuration in /etc/dovecot/dovecot.conf
~$ sudo ls -dl /etc/ssl/private/ssl-mail.key
lrwxrwxrwx 1 root root 38 2013-11-27 08:35 /etc/ssl/private/ssl-mail.key
-> /etc/ssl/private/ssl-cert-snakeoil.key
Why is dov...
2006 Dec 19
2
umask 007 ineffective with newly created Maildir message
This is for Dovecot 1.0.rc15 from Debian Backports on 3.1 Stable, x86;
Filesystems are local reiserfs; IMAPs client is KMail 1.9.5
Non-default settings in dovecot.conf:
protocols = imaps
ssl_cert_file = /etc/dovecot/mail.cert.pem
ssl_key_file = /etc/dovecot/mail.key.pem
mail_location = maildir:/var/mail/ambrosia.plus.com/%n
mail_extra_groups = mail
first_valid_uid = 1000
first_valid_gid = 1000
umask = 007
maildir_copy_with_hardlinks = yes
To reproduce:-
1. Using your IMAP client with two IMAP accounts, copy a message fr...
2007 Oct 17
2
Sometimes Dovecot v1.0.3 does not accept new connections
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
occasionally Dovecot stops to accept new connections. Already existing
ones do function properly. Strace'ing dovecot-auth reveals that it is
running and is authentificating users, the logfile logs new connections.
However, lots of other connects just stall, before the IMAP server
responds with the greeting.
My user backend is a LDAP
2008 Oct 13
2
Compatibility namespaces containing a leading ~ appear to be broken in 1.1.x
...oduced a slightly cut-down example configuration which
demonstrates the problem:
# dovecot -n
# 1.1.3: /etc/dovecot/dovecot.conf
protocols: imap imaps pop3 pop3s
ssl_cert_file(default): /etc/ssl/certs/imap.pem
ssl_cert_file(imap): /etc/ssl/certs/imap.pem
ssl_cert_file(pop3): /etc/ssl/certs/pop.pem
ssl_key_file(default): /etc/ssl/private/imap.key
ssl_key_file(imap): /etc/ssl/private/imap.key
ssl_key_file(pop3): /etc/ssl/private/pop.key
disable_plaintext_auth(default): yes
disable_plaintext_auth(imap): yes
disable_plaintext_auth(pop3): no
login_dir: /var/run/dovecot/login
login_executable(default): /usr/li...
2007 Mar 07
1
Changed CONTROL= path causes POP3 to fail, whereas IMAP is working (rc25 & rc26)
...dovecot -n
# /usr/local/dovecot.rc26/etc/dovecot.conf
log_path: /var/log/dovecot/dovecot.log
protocols: imap imaps pop3 pop3s
ssl_ca_file: /etc/ssl/certs/ca.crt
ssl_cert_file(default): /etc/ssl/certs/imap.pem
ssl_cert_file(imap): /etc/ssl/certs/imap.pem
ssl_cert_file(pop3): /etc/ssl/certs/pop3.pem
ssl_key_file(default): /etc/ssl/private/imap.key
ssl_key_file(imap): /etc/ssl/private/imap.key
ssl_key_file(pop3): /etc/ssl/private/pop3.key
disable_plaintext_auth: no
verbose_ssl: yes
login_dir: /usr/local/dovecot.rc26/var/run/dovecot/login
login_executable(default):
/usr/local/dovecot.rc26/libexec/dovecot/im...
2011 Jan 31
4
disable_plaintext_auth = no ignored by dovecot in Ubuntu 10.04
..."
...
#listen = *
disable_plaintext_auth = no
dave at mail:~$ sudo dovecot -n
# 1.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-24-generic i686 Ubuntu 10.04.1 LTS
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imap pop3 imaps pop3s managesieve
ssl_cert_file: /etc/ssl/certs/ssl-mail.pem
ssl_key_file: /etc/ssl/private/ssl-mail.key
ssl_cipher_list:
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
login_dir: /var/run/dovecot/login
login_executable(default): /usr/lib/dovecot/imap-login
login_executable(imap): /usr/lib/dovecot/imap-login
login_executable(pop3): /usr/lib/dovecot/po...
2015 Jun 10
1
Order of keys
I hope I'm asking this on the right list, in the right place. I go
through this every three years and for whatever reason keep forgetting
to record how this works!
In the Dovecot config, there are two places to define SSL
certificates--ssl_cert_file and ssl_key_file. My question is this:
Which two of the three files--the certifying authority, the signed
certificate for the specific system, and the private certificate
file--are combined to create the file that goes with ssl_cert_file?
Since there are six possible permutations to answer this question
(because or...
2008 Mar 07
1
Can't load private key file
...04 mailserver dovecot: pop3-login: Can't load private key file
/etc/ssl/mailserver/mail.mydomain.tld.key: error:0906A068:PEM
routines:PEM_do_header:bad password read
My dovecot.conf has the following set.
# Uncomment these if using SSL
ssl_cert_file = /etc/ssl/mailserver/mail.mydomain.tld.crt
ssl_key_file = /etc/ssl/mailserver/mail.mydomain.tld.key
#ssl_key_password =
#ssl_ca_file = /etc/ssl/mailserver/ca/mydomain.pem
#ssl_verify_client_cert = yes
ssl_parameters_regenerate = 168
verbose_ssl = no
I have been playing about with it all for about 3 hours now and would
greatly appreciate any help ;)
Re...
2007 Dec 02
1
imap login messages not logged
...me at example.com>.
I check configuration from another server and it very same.
I'm running on debian testing with config below.
# 1.0.5: /etc/dovecot/dovecot.conf
log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot.info
protocols: imap
ssl_cert_file: /etc/postfix/new_chained.crt
ssl_key_file: /etc/postfix/mail.pem
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
login_greeting_capability: yes
mail_location: maildir:/var/mail/store/%u
dotlock_use_excl: yes
maildir_copy_with_hardlinks: yes
auth default:
mechanisms: PLAIN CRAM-MD5
passdb:
driver: pas...
2007 Jul 05
1
Virtual servers
...foo.cer
}
server bar {
listen = 1.2.3.5
ssl_cert_file = /etc/ssl/certs/bar.cer
}
My virtual configs look like this:
server mail.domain1.org {
listen = 1.2.3.4
protocols = pop3 pop3s imap imaps
ssl_cert_file = /etc/mail/hosts/domain1.org/ssl.crt
ssl_key_file = /etc/mail/hosts/domain1.org/ssl.key
auth default {
mechanisms = plain
passdb passwd-file {
args = /etc/mail/hosts/domain1.org/userdb
}
userdb passwd-file {
args = /etc/mail/hosts/domain1.org/userdb
}
}
}
server mail....
2004 Nov 12
1
pem help
When I run this:
/usr/local/sbin/dovecot -c /etc/dovecot.conf
I get this
Fatal: Can't use SSL certificate /etc/ssl/certs/dovecot.pem: No such file or
directory
But in my conf file these are commented out??
#ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
#ssl_key_file = /usr/share/ssl/private/dovecot.pem
Why would I get this error?
Thanks
Clinton Mills
2005 Mar 09
1
Minor documentation bug with 0.99.14
...before
> # dropping root privileges, so keep the key file unreadable by anyone but
> # root. Included doc/mkcert.sh can be used to easily generate self-signed
> # certificate, just make sure to update the domains in dovecot-openssl.cnf
> #ssl_cert_file = /etc/ssl/certs/dovecot.pem
> #ssl_key_file = /etc/ssl/private/dovecot.pem
but the aforementioned doc/mkcert.sh contains these lines:
> CERTFILE=$SSLDIR/certs/imapd.pem
> KEYFILE=$SSLDIR/private/imapd.pem
either the script should be changed to reflect the sample config file or
vice versa.
John
--
John Peacock
Director of Informa...
2005 Mar 12
1
dovecot test62 vs test64
...nticate. I reinstalled test62 with the original dovecot.conf
and everything worked fine again. My config files look like:
dovecot.conf-test62 looks like:
base_dir = /var/run/dovecot/
protocols = imap imaps pop3 pop3s
ssl_disable = no
ssl_cert_file = /usr/share/ssl/certs/dovecot.pem
ssl_key_file = /usr/share/ssl/private/dovecot.pem
disable_plaintext_auth = yes
login_dir = /var/run/dovecot-login
login = imap
login = pop3
mail_extra_groups = mail
default_mail_env = mbox:~/mail/:INBOX=/var/spool/mail/%u
auth = default
auth_mechanisms = plain
auth_userdb = passwd...
2006 Jul 30
1
different SSL certificates for different connectoins
Is it possible to setup dovecot to have it presented different SSL
certificates to connections coming at different ports. I don't see it
in the docs. It seems, dovecot would present the same certificate to
all connecting ports. Thanks.