search for: ssl_keys

I think you should post doveconf -n output. On 08/14/15 20:30, dravion.smith at gmx.net wrote: > > ### CORRECTION > Am 15.08.2015 um 03:22 schrieb dravion.smith at gmx.net: >> >> #### BUT #### >> If i try something like this in /etc/dovecot/conf.d/10-ssl.conf >> >> local imap.mydomain01.tld { >> protocol imap { >> ssl_cert = >>

Hello Alex Am 14.08.2015 um 19:57 schrieb Alexander Dalloz: > What have you done to exclude that SELinux interferes? > Just some sysinfo: CentOS Linux release 7.1.1503 (Core) (i run yum update every day) sestatus: SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted

Hi, I'm using the Dovecot Prebuilt Binary: deb http://xi.rename-it.nl/debian/ stable-auto/dovecot-2.2 main I configured multiple SSL certificates with client TLS SNI (see http://wiki2.dovecot.org/SSL/DovecotConfiguration). Since my last update I get some warnings: doveconf: Warning: /etc/dovecot/conf.d/10-ssl.conf line 12: Global setting ssl_cert won't change the setting inside an

Hi, I want to say hello and here is my big problem ;D Iam trying to archive a Postfix/Dovecot 2.2.10 CentOS7 Multidomain Setup with multiple (valid StartSSL Certs), but iam only able to run a single Domain Cert server only. ps: I need a multiple domainssetup for every customer and it is not an option for me redirecting any email to a single domain server. I really need this setup working.

Am 15.08.2015 um 08:16 schrieb Christian Kivalo: > [snip] > > Note that you will still need a top-level "default" ssl_key and ssl_cert as well, or you will receive errors. > > in addition to your two domain specific ssl certs have you also defined a "default" ssl_key and ssl_cert as required as required by the documentation? > > regards > - c Did you

Hello, It seems that Dovecot ignores the new /ssl_cert and ssl_key /settings. Using them in the dovecot configuration results in the error: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY] Using the old /ssl_//cert//_file/ and /ssl_key_file/ results in their being obsolete warning but no fatal error.

>I think you should post doveconf -n output. with your dovecot -n output provided this mail would not need to be sent >On 08/14/15 20:30, dravion.smith at gmx.net wrote: >> >> ### CORRECTION >> Am 15.08.2015 um 03:22 schrieb dravion.smith at gmx.net: >>> >>> #### BUT #### >>> If i try something like this in /etc/dovecot/conf.d/10-ssl.conf

We have the requirement to provide SSL on some IP addresses, but not others on our servers. Providing SSL is the easy part and we're able to use multiple SSL certificates now. (thanks Timo!) All is working ok, but we several IP hosts that do not require SSL and do not have valid certificates. While we can limit access via a firewall ACL to TLS connect ports (993/995) we can't do so on

After upgrading to 2.31 I'm getting this error. Not sure what I'm doing wrong. No (No signatures could be verified because the chain contains only one certificate and it is not self signed.) ssl = yes ssl_cert = </etc/exim/certs/ctyme.com.crt ssl_key = </etc/exim/certs/ctyme.com.key ssl_ca = </etc/exim/certs/ca.crt local mail.ctyme.com { ? protocol imap { ??? ssl_cert =

Hi all, I'm testing the SNI configuration from dovecot's wiki page, to have multiple domains. I'm using letsencrypt certificates. On the 10-ssl.conf, when I only use one domain, like this, it works : ssl_ca = </etc/letsencrypt/live/mail.mydomain.fr/chain.pem ssl_cert = </etc/letsencrypt/live/mail.mydomain.fr/cert.pem ssl_key =

Hello, If you don?t have a ssl_key and ssl_cert configured in your dovecot config managesieve-login will fail to start with the following error message: dovecot: managesieve-login: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY, even if you haven?t enabled ssl for managesieve-login. Infos according to

I am having an ios12.4.1 client whine about access problems. He is getting the 'default' self signed ceritificate instead of the hostname alias. openssl s_client -servername mail.xxxxx.com -connect x.x.x.x:pop3s gives a 'Verify return code: 0 (ok)' I can't imagine this sni support is not available in recent versions. Should I remove this default certificate in the main

Am 14.08.2015 um 13:22 schrieb dravion.smith at gmx.net: > Hi, > I want to say hello and here is my big problem ;D > > Iam trying to archive a Postfix/Dovecot 2.2.10 CentOS7 Multidomain Setup > with multiple (valid > StartSSL Certs), but iam only able to run a single Domain Cert server only. > > ps: I need a multiple domainssetup for every customer and it is not an >

On 08/14/15 20:30, dravion.smith at gmx.net wrote: > > ### CORRECTION > Am 15.08.2015 um 03:22 schrieb dravion.smith at gmx.net: >> >> #### BUT #### >> If i try something like this in /etc/dovecot/conf.d/10-ssl.conf >> local_name imap.mydomain01.tld >> local imap.mydomain01.tld { >> protocol imap { >> ssl_cert = >>

### CORRECTION Am 15.08.2015 um 03:22 schrieb dravion.smith at gmx.net: > > #### BUT #### > If i try something like this in /etc/dovecot/conf.d/10-ssl.conf > > local imap.mydomain01.tld { > protocol imap { > ssl_cert = > </etc/ssl/domains/mydomain01.tld/imap/imap.mydomain01.tld.crt.pem > ssl_key = >

Am 15. August 2015 08:58:04 MESZ, schrieb "dravion.smith at gmx.net" <dravion.smith at gmx.net>: > >Am 15.08.2015 um 08:16 schrieb Christian Kivalo: > >> [snip] >> >> Note that you will still need a top-level "default" ssl_key and >ssl_cert as well, or you will receive errors. >> >> in addition to your two domain specific ssl

Am 15.08.2015 um 09:04 schrieb Christian Kivalo: > provide your multi ssl doveconf -n output. - c No. I leave this shit alone and running dovecot in multiinstance mode and now its works.

/etc/ssl $ sudo doveconf -n # 2.2.15: /etc/dovecot/dovecot.conf # OS: OpenBSD 5.7 amd64 ffs auth_mechanisms = plain login default_client_limit = 500 disable_plaintext_auth = no first_valid_uid = 1000 imap_client_workarounds = delay-newmail tb-extra-mailbox-sep tb-lsub-flags mail_location = maildir:/var/vmail/%d/%n/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability =

>But can you explain why you use globally: > >ssl_cert = </etc/ssl/dovecot.pem >ssl_key = </etc/ssl/private/dovecot.pem > >and certs for any additional Domain each? > >## >local_name mail.pettijohn-web.com { > ssl_cert = </etc/ssl/mail.pettijohn-web.com.crt > ssl_key = </etc/ssl/private/mail.pettijohn-web.com.key >} >## he configured the top

Hello list, i run here an large mailsetup with some million mailboxes and got strange performance problems, cause i think i have overseen or forgotten an simple setting. Here are some details: 21 CentOS 7 Servers with dovecot 2.2.25 and ldap userdb/passdb via socket behind an hardware loadbalancer. The storage behind is an ISCSI Storage with 4 10Gbit/s multipath paths, splitted up to 10 TB