similar to: SSL CA root certificate

Displaying 20 results from an estimated 8000 matches similar to: "SSL CA root certificate"

2009 Mar 13
1
how to handle CA CRL updates with client certificate verification context ?
Hello, As far as I can read in the Dovecot SSL configuration wiki page, each CA cert must be followed by the related CA CRL in the client certificate verification context ("ssl_ca_file" setting). In my company we do have our own PKI and as soon as Client certificate is compromised we do revoke it and update the related CA's CRL. Does that mean that I have to issue a new
2004 Jul 30
2
Too many open files with test32
Hi Timo and others, I'm using test32 since today and I'm getting this error once every 2 hours or so: dovecot: Jul 30 20:21:26 Error: IMAP(jens at gutzeit.at): open(/var/mail/data/jens/jens at gutzeit.at/maildir/.INBOX.Gentoo.Security/dovecot-uidlist) failed: Too many open files dovecot: Jul 30 20:21:26 Error: IMAP(jens at gutzeit.at): file maildir-uidlist.c: line 147
2007 Apr 03
2
No CA names sent in TLS handshake
Hello, I'm setting up Dovecot with client certificates and everything is working fine as long as the client only has one certificate in his store. If he has more than one, the wrong one might be sent to the server. The root of the problem is that Dovecot does not send out a list of valid CA names in the TLS handshake. If I connect using openssl s_client I get: "No client
2008 Jan 30
2
SSL certificate?
When I install an SSL certificate, I can't find a config option to set configure the Server Certificate Chain file... Is this not possible or can I do it another way? (When I connect, I am being told the Signature status is uncheckable...) Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no
2009 Nov 02
2
X.509 certificate based IMAP login
Hello list, The dovecot version is 1.2.6 running on Solaris x86 11 (nv-b91). The relevant configuration lines are: passdb ldap { # LDAP database (doc/wiki/AuthDatabase.LDAP.txt.) args = /pfx/etc/dovecot/dovecot-ldap.conf } The file dovecot-ldap.conf is correct and LDAP authentication is working well. We would like to make it possible for users with a X.509 client certificate to log in
2006 Jul 31
2
Dovecot and SSL certificates
Hello, we're running RC2 and seeing a problem with the way SSL certs are handled by Dovecot. We've set ssl_verify_client_cert=yes and ssl_require_valid_client_cert=no. Using this setup we get (rather interesting) log entries like these: Jul 31 11:21:23 dev dovecot: imap-login: Invalid certificate: <user cert> Jul 31 11:21:23 dev dovecot: imap-login: Invalid certificate: <CA
2004 Sep 11
2
Dovecot-1.0-test32 fails with assertion
Hello, dovecot-1.0-test32 continuously fails on one of our customers mboxes with the following error: Sep 11 16:27:15 web dovecot: POP3(xxxxxxxxxxxxx.de1): file mbox-sync-rewrite.c: line 360 (mbox_sync_read_and_move): assertion failed: (need_space == -mails[idx].space) About 200 other mboxes are working perfectly on the same server. Where should I start looking for the cause of this?
2008 Sep 29
3
disbale to responded to an unrequested SSL Certificate
Hi dovecot-list, just a easy question today ;) Customer did on Server a PCI-Test to test security to fit worldpay requirements. They found a critical risk at pop3s. (and some other things) This is the Textmesage: ############ Family: Remote Shell Access Critical 993/tcp 11875 Description: The remote host responded to an unrequested SSL Certificate. The remote SSL server should have sent back
2013 Jun 28
1
IMAPS: Disable SSL connection without client certificate
I've been using Dovecot 2.1.8 on OpenBSD 5.2 i386 for about a month. It works great. Dovecot serves IMAPS only, and I'm using Thunderbird to access my mail. I configured Dovecot to allow clients that present a valid certificate when establishing SSL connection. I configure my Thunderbird for SSL/TLS connection with normal password. It works fine. However, with my config anybody
2006 Oct 04
1
Can't load certificate file: cert already in hash table
Hi, I've searched for this error and found nothing. When I switch on SSL, I get the following errors: >>> Oct 3 20:05:23 [dovecot] Dovecot v1.0.rc7 starting up Oct 3 20:05:24 [dovecot] Login process died too early - shutting down Oct 3 20:05:24 [dovecot] imap-login: Can't load certificate file /etc/ssl/certs/dovecot.crt: error:0B07C065:x509 certificate
2009 Jul 30
1
Dovecot with SSL Client Certification
Hi, i am trying to setup dovecot over ssl in the last couple days unsuccessfully My notes are from here: http://wiki.dovecot.org/SSL My OpenSSL commands are: mkdir -pv /opt/certificates/dovecot/ cd !$ (just to prevent questions about Common Name) [ebal at myhome:~]? hostname myhome openssl req -new -x509 -nodes -out dovecot.crt -keyout dovecot.key -days 1825 # Country Name (2 letter code)
2014 Apr 18
4
Changing SSL certificates - switching from self-signed to RapidSSL
Hi all, Ok, been wanting to do this for a while, and I after the Heartbleed fiasco, the boss finally agreed to let me buy some real certs... Until now, we've been using self-signed certs with the following dovecot config: ssl = required ssl_cert = </etc/ssl/ourCerts/imap.pem ssl_key = </etc/ssl/ourCerts/imap_key.pem Now, I've created new keys/certs and the CSR, got the new
2017 May 31
2
Bug with 2.2.29-1~auto+25 back to haunt me
> On May 31, 2017 at 6:10 PM Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote: > > > * Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>: > > > So I added > > ssl_ca_file = /etc/ssl/certs/ca-certificates.crt > > > > But alas: > > May 31 16:50:24 mproxy dovecot: config: Warning: Obsolete setting in
2004 Aug 25
1
dovecot-1.0-test32-error
I installed dovecot-1.0-test32 and I present the following error in some users: Error: IMAP(user): Buffer full (46) How to solve this problem?
2015 Sep 16
2
Secure boot
After updates to grub2 and kernel in CentOS 7, today, systems will no longer boot in Secure Boot mode. I'm not positive, but I think grub2 is the culprit. Is anyone else seeing the same problem?
2017 Jun 02
2
Bug with 2.2.29-1~auto+25 back to haunt me
> On June 1, 2017 at 1:42 PM Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote: > > > * Aki Tuomi <aki.tuomi at dovecot.fi>: > > > > > So I added > > > > ssl_ca_file = /etc/ssl/certs/ca-certificates.crt > > > > > > > > But alas: > > > > May 31 16:50:24 mproxy dovecot: config: Warning: Obsolete setting
2004 Sep 04
2
file ostream-file.c: assertion failed with v1.0-test38
Hello, I've some troubles logging in after upgrading to -test38. The error in the logs says: Sep 4 02:34:38 hostname dovecot: imap-login: Login: username [123.123.123.123] Sep 4 02:34:48 hostname dovecot: IMAP(username): file ostream-file.c: line 105 (update_buffer): assertion failed: (size <= used) Sep 4 02:34:48 hostname dovecot: child 28966 (imap) returned error 1 Regards,
2015 Nov 16
3
DDNS and DHCP problems
Hello all, I have two new server samba4, with isc-dhcp and Bind. ( Thanks to Louis 's scripts ) The AD was migrate from 2 Windows 2000 servers last friday, with a copy of them in a private lan. Today we have shutdown the old windows 2000 server and put the 2 new samba4 in place of them. The problem is that the DHCP does not update the DNS systematically... That works with laptops ( which
2008 Jun 24
2
Suggestions for a plug and play CA certificate manager?
I have played with self-signed end-use PKI certificates for about a decade now and would really like to set up a proper, albeit private, PKI using some sort of OFS CA management software. I have looked at OpenCA and found a few packages on sourceforge but they all seem to fall short of my desires in one form or another (rpm install, multiple subordinate CAs, certificate revocation and extension
2013 Jan 15
1
Adding CA/Root SSL / TLS Certificate, HTTPS
Hi, I need to add my own and other/new self-signed ca/root cert in CentOS pki database/system, for all/most type of apps to use. Using "wget", i'm trying to securely(HTTPS) get gpg keys/files from https://fedoraproject.org/keys site, which is using root cert with following info: CN = GeoTrust Global CA O = GeoTrust Inc. C= US MD5 f7:75:ab:29:fb:51:4e:b7:77:5e:ff:05:3c:99:8e:f5 I