search for: tls_cert_file

Displaying 20 results from an estimated 23 matches for "tls_cert_file".

2015 Oct 08
2
Dovecot auth-ldap ignores tls_* settings when using ldaps://
Hi, I'm using dovecot 2.2.9 (but after checking src/auth/db-ldap.c in 2.2.13 there seems to be the same bug/feature). The userdb and passdb use LDAP. All further configuration is done in auth-ldap.conf.ext. uri = ldaps://<host>/ # tls = tls_cert_file = /etc/ssl/certs/client-cert.pem tls_key_file = /etc/ssl/certs/client-key.file Dovecot ignores the tls_* options. If I use an ldap:// URI and switch on TLS using tls=yes it works as expected. But I do not see any reason why LDAPS should not read the tls_* settings. This small patch solve...
2019 Dec 08
2
Dovecot & OAuth
...gt; rawlog_dir = /tmp/oauth2 >>>> #force_introspection = yes >>>> username_attribute = username >>>> #active_attribute = active >>>> #active_value = true >>>> tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt >>>> tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem >>>> tls_key_file = /etc/pki/dovecot/private/dovecot.pem >>>> >>>> >>>> --------------- >>>> >>>> >>>> >>>> >>>> The debug log is showing now sli...
2019 Dec 06
4
Dovecot & OAuth
...cloak.com/auth/realms/demo/protocol/openid-connect/token/introspect introspection_mode = post debug = yes rawlog_dir = /tmp/oauth2 #force_introspection = yes username_attribute = username #active_attribute = active #active_value = true tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem tls_key_file = /etc/pki/dovecot/private/dovecot.pem --------------- The debug log is showing now slightly different msg ex: Dec 5 21:09:59 mktst4 dovecot: auth: Error: oauth2(mizuki,10.0.2.1,<29b4iv+YKuuCx5Tr>): oauth2 failed: Couldn't initialize SSL...
2019 May 08
2
Dovecot not surviving OpenLDAP restart
Hi! Running Dovecot 2.2.36 and authenticating against an OpenLDAP 2.4.45 server. Now since some update of dovecot it will not be able to authenticate your logins after a restart of the LDAP service is restarted without a reboot of the dovecot server. Anything new here that I should be aware of? Best Regards Dag
2018 Jun 22
0
Imap daemons for CentOS 6 (other then cyrus-imapd)
...cyrus-imapd with no problems; > > No actually the problem is cyrus-imapd: cyrus-imapd expects all users to use > imap (or pop3) to access their E-Mail. of course, what else do you expect? (SSL is not the problem, as I'm using cyrus-imapd with SSL) here my settings in /etc/imapd.conf tls_cert_file: /etc/pki/cyrus-imapd/tls.crt/mail-host.crt tls_key_file: /etc/pki/cyrus-imapd/tls.key/mail-host.key tls_ca_file: /etc/pki/cyrus-imapd/tls.crt/server-chain-sslca.crt tls_cipher_list: EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA:EECDH:EDH+AESGCM:EDH:ECDH+AESGCM:ECDH+AES:ECDH:AES:HIGH:MEDIUM:3DES...
2015 Oct 13
0
Dovecot auth-ldap ignores tls_* settings when using ldaps://
...m using dovecot 2.2.9 (but after checking src/auth/db-ldap.c in 2.2.13 > there seems to be the same bug/feature). > > The userdb and passdb use LDAP. All further configuration is done in > auth-ldap.conf.ext. > > uri = ldaps://<host>/ > # tls = > tls_cert_file = /etc/ssl/certs/client-cert.pem > tls_key_file = /etc/ssl/certs/client-key.file > > Dovecot ignores the tls_* options. If I use an ldap:// URI and > switch on TLS using tls=yes it works as expected. > > But I do not see any reason why LDAPS should not read the tls_* >...
2013 Sep 23
0
can't dovecot tls/ssl to openldap
...sasl_mech = #sasl_realm = #sasl_authz_id = # Use TLS to connect to the LDAP server. tls = yes #tls = no tls_ca_cert_file = /etc/ssl/certs/ca/signing-ca.crt tls_ca_cert_dir = /etc/ssl/certs/ca #tls_cipher_suite = # TLS cert/key is used only if LDAP server requires a client certificate. #tls_cert_file = /etc/ssl/certs/mail.crt #tls_key_file = /etc/ssl/private/mail.key # Valid values: never, hard, demand, allow, try #tls_require_cert = never See some suggestions! Great thanks! muyuan
2019 Dec 06
0
Dovecot & OAuth
...> > rawlog_dir = /tmp/oauth2 > > > #force_introspection = yes > > > username_attribute = username > > > #active_attribute = active > > > #active_value = true > > > tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt > > > tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem > > > tls_key_file = /etc/pki/dovecot/private/dovecot.pem > > > > > > > > > --------------- > > > > > > > > > > > > > > > The debug log is showing now slightly different...
2015 Jan 26
4
imap-login: Fatal: pipe() failed: Too many open files
...elds can be used to specify defaults that LDAP may override #default_fields = home=/home/virtual/%u } # ======================== dovecot/dovecot-ldap.conf.ext =================== # hosts = 127.0.0.1:389 dn = uid=dovecot,ou=systemuser,ou=mail,dc=MyDomain,dc=TLD dnpass = TopSecret tls = yes tls_cert_file = /etc/ssl/RootCA/certs/192.168.50.101.pem tls_key_file = /etc/ssl/RootCA/certs/192.168.50.101.key debug_level = -1 auth_bind = yes ldap_version = 3 base = ou=accounts,ou=mail,dc=MyDomain,dc=TLD scope = subtree user_attrs = mailStorageDirectory=home, mailUidNumber=uid, mailGidNumber=gid, mailQuot...
2019 Dec 10
0
Dovecot & OAuth
...gt; >>>> #force_introspection = yes > >>>> username_attribute = username > >>>> #active_attribute = active > >>>> #active_value = true > >>>> tls_ca_cert_file = /etc/pki/CA/certs/incommon-rsa-server-ca.crt > >>>> tls_cert_file = /etc/pki/dovecot/certs/dovecot.pem > >>>> tls_key_file = /etc/pki/dovecot/private/dovecot.pem > >>>> > >>>> > >>>> --------------- > >>>> > >>>> > >>>> > >>>> > >>>&...
2012 Mar 29
1
File/folder permission issues in 2.1.3
...p vmail. Is there something wrong with my config that prevents switching to secondary groups? /etc/dovecot/dovecot-ldap.conf.ext: uris = ldap://ldap0.roessner-net.de/ ldap://db.roessner-net.de/ sasl_bind = yes sasl_mech = EXTERNAL tls = yes tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt tls_cert_file = /etc/ssl/certs/mx0.roessner-net.de.pem tls_key_file = /etc/ssl/private/mx0.roessner-net.de.key.pem tls_require_cert = hard base = ou=people,ou=it,dc=roessner-net,dc=de user_attrs = rnsMSQuota=quota_rule=*:storage=%$,rnsMSMailboxHome=home user_filter = (&(objectClass=rnsMSDovecotAccount)(rnsMS...
2020 Sep 23
2
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
> On 22/09/2020 21:00 PGNet Dev <pgnet.dev at gmail.com> wrote: > > > On 9/22/20 10:51 AM, Aki Tuomi wrote: > >>> > > > > Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue. > > I've NO issue with that config/setting with any _other_ app -- whether in general
2015 Jan 26
0
imap-login: Fatal: pipe() failed: Too many open files
...default_fields = home=/home/virtual/%u > } > > > > > > # ======================== dovecot/dovecot-ldap.conf.ext > =================== # > > hosts = 127.0.0.1:389 > dn = uid=dovecot,ou=systemuser,ou=mail,dc=MyDomain,dc=TLD > dnpass = TopSecret > tls = yes > tls_cert_file = /etc/ssl/RootCA/certs/192.168.50.101.pem > tls_key_file = /etc/ssl/RootCA/certs/192.168.50.101.key > debug_level = -1 > auth_bind = yes > ldap_version = 3 > base = ou=accounts,ou=mail,dc=MyDomain,dc=TLD > scope = subtree > user_attrs = mailStorageDirectory=home, mailUidNumbe...
2015 Jan 26
0
imap-login: Fatal: pipe() failed: Too many open files
...default_fields = home=/home/virtual/%u > } > > > > > > # ======================== dovecot/dovecot-ldap.conf.ext > =================== # > > hosts = 127.0.0.1:389 > dn = uid=dovecot,ou=systemuser,ou=mail,dc=MyDomain,dc=TLD > dnpass = TopSecret > tls = yes > tls_cert_file = /etc/ssl/RootCA/certs/192.168.50.101.pem > tls_key_file = /etc/ssl/RootCA/certs/192.168.50.101.key > debug_level = -1 > auth_bind = yes > ldap_version = 3 > base = ou=accounts,ou=mail,dc=MyDomain,dc=TLD > scope = subtree > user_attrs = mailStorageDirectory=home, mailUidNumbe...
2012 May 13
2
doveadm not working
...50 mail_plugins = autocreate quota acl fts fts_solr zlib mail_log notify imap_quota imap_acl imap_zlib } And here my ldap stuff: uris = ldap://ldap0.roessner-net.de/ ldap://db.roessner-net.de/ sasl_bind = yes sasl_mech = EXTERNAL tls = yes tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt tls_cert_file = /etc/ssl/certs/mx0.roessner-net.de.pem tls_key_file = /etc/ssl/private/mx0.roessner-net.de.key.pem tls_require_cert = hard base = ou=people,ou=it,dc=roessner-net,dc=de user_attrs = rnsMSQuota=quota_rule=*:storage=%$,rnsMSMailboxHome=home user_filter = (&(objectClass=rnsMSDovecotAccount)(rnsMS...
2019 Mar 18
4
LDAP users issue
Hi Team, I have enabled LDAP authentication with webmail client and it works successfully. But I found an error with LDAP user's mail. Email is not loaded when I log with an LDAP user. Login phase is successful and mail box is the issue. I created a mail user without including LDAP and that user works fine. Issue comes only with LDAP users. *Anushka Bandara* Research Engineer Lanka Software
2015 Aug 12
1
C6.7 evolution to cyrus imap(s) fails
Am 12.08.2015 um 20:29 schrieb Dr J Austin: > > > On Wed, 12 Aug 2015, Alexander Dalloz wrote: > > >>> I have been working at trying to get cyrus to listen on 148.197.29.5 >>> interface instead of the localhost - I have failed >>> > >> No square brackets around the ip address. > > imap cmd="imapd" listen="imap"
2019 May 15
2
Dovecot not connecting to OpenLDAP
...LDAP server. tls = yes # TLS options, currently supported only with OpenLDAP: #tls_ca_cert_file =/etc/ssl/certs/ldap.crt tls_ca_cert_file =/etc/ssl/certs/ldap6_cacert.pem #tls_ca_cert_dir =/etc/ssl/certs/ #tls_cipher_suite = # TLS cert/key is used only if LDAP server requires a client certificate. #tls_cert_file = /etc/ssl/certs/ldap01_slapd_cert.pem #tls_key_file = /etc/ssl/private/ldap01_slapd_key.pem # Valid values: never, hard, demand, allow, try #tls_require_cert = demand # Use the given ldaprc path. #ldaprc_path = # LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h. # -1 = everyth...
2016 Oct 24
2
Problem to configure dovecot-ldap.conf.ext
..._id = imap/mx01.example.com at EXAMPLE.COM # Use TLS to connect to the LDAP server. #tls = yes # TLS options, currently supported only with OpenLDAP: tls_ca_cert_file = /etc/ipa/ca.crt #tls_ca_cert_dir = #tls_cipher_suite = # TLS cert/key is used only if LDAP server requires a client certificate. #tls_cert_file = #tls_key_file = # Valid values: never, hard, demand, allow, try tls_require_cert = demand # Use the given ldaprc path. #ldaprc_path = # LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h. # -1 = everything. You may need to recompile OpenLDAP with debugging enabled # to get enou...
2011 Aug 10
3
sieveshell fails to start on CentOS 6.0
...logs. Configuration files look like this: [root at newmick etc]# cat /etc/imapd.conf configdirectory: /var/lib/imap partition-default: /var/spool/imap admins: cyrus sievedir: /var/lib/imap/sieve sendmail: /usr/sbin/sendmail hashimapspool: true sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN tls_cert_file: /etc/pki/tls/certs/cyrus.pem tls_key_file: /etc/pki/tls/certs/cyrus.pem tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt # uncomment this if you're operating in a DSCP environment (RFC-4594) # qosmarking: af13 [root at newmick etc]# [root at newmick etc]# cat /etc/cyrus.conf # standard standalon...