similar to: Multiple SSL certs question

Displaying 20 results from an estimated 2000 matches similar to: "Multiple SSL certs question"

2009 Aug 10
12
v2.0 configuration parsing
I'm trying to figure out how exactly v2.0 should be parsing configuration files. The most annoying part is if it should always just "use whatever comes first in config" or try some kind of a "use most specific rule". The "most specific" kind of makes more sense initially, but then you start wondering how to handle e.g.: 1) User logs in to imap from 192.168.0.1.
2016 Mar 02
3
Dual certificate
Hello all; Is anyone knows if it's possible to have a dual certificate setup on dovecot like in postfix or apache ? i tried to add several crts in local name section : local_name imap.server.tdl { ssl_cert = <server_rsa_crt.pem ssl_key = <server_rsa_key.pem ssl_cert = <server_ecdsa_crt.pem ssl_key = <server_ecdsa_key.pem } but it seems that dovecot takes the last one (ecdsa)
2009 Oct 07
2
how to config dovecot for multiple domains, multiple SSL certs, and conditional IP access -- with passwd-file passdb?
at them moment, i've configured dovecot for a flat passwd-file, annd static userdb. from dovecot.conf, ... auth default { mechanisms = plain digest-md5 cram-md5 user = mail ... passdb passwd-file { args = /data/mail/users/imap_user_file } userdb static { args = static uid=mail gid=mail home=/data/mail/store/Domains/%d/Accounts/%n quota=maildir:storage=4096 nice=10 }
2008 Nov 07
6
Cannot get the libwrap patch work
Hello there, I have been trying to make the patch work for libwrap(TCP Wrappers) posted on http://dovecot.org/patches <http://dovecot.org/patches%20Patch%20of%201.1> Patch of 1.1 but could not get it work. Any help will be highly appreciated. After compiling and running it I get error "Error: login_tcp_wrappers can't be used because Dovecot wasn't built with
2017 Feb 02
0
SNI with mixed certs
Dovecot SNI is failing hard today. Server with n domains, each with a startssl certificate of its own, all certificates expired this morning. Decision: move to Letsencrypt. Firsr certificate issued and installed. Other domains in the pipeline. Dovecot server rebooted. Expected result: one domain returning the new cert, and the n-1 domains returning the expiration notification. Actual result: the
2020 Aug 25
2
Metric label values truncated when using OpenMetrics endpoint
Hi Jeff, Thanks for your reply! Regarding grouping by remote address, I understand and for now I'll keep a close eye. Maybe it's an option to group by /24 for ipv4 and /64 for IPv6? We currently do that based on the logs but the OpenMetrics endpoint seem a lot easier. A slight hijack of the original question: but I tried to log only IP addresses (+ result) of failed login attempts but
2010 Jul 26
2
Exception Pages when behind a proxy
I am not sure if this desired feature or not but when we are behind a local proxy ie. Nginx/Varnish then the new ShowException middleware doesn''t seem to properly detect the remote IP address and it appears as if every browser gets a local error page with a stack trace, etc. I''ve opened up a ticket on the rails bug tracker but I also would like to verify that this is in fact a
2016 Sep 14
2
How to obtain a "non-stripped" executable for producing a usable core-dump
On 9/13/2016 10:00 PM, Edgar Pettijohn wrote: >> I'm attempting to capture a core-dump file, and gdb reports >> > >> > warning: core file may not match specified executable file. >> > > I believe this means the core file doesn't match up to the executable. I would delete the core and try to reproduce with your new executable then run gdb with a core
2018 Dec 08
2
doveadm batch crash
Hi I'm having an issue with doveadm batch - the following command always crashes: doveadm batch : mailbox status all inbox Whereas the following work as expected: doveadm mailbox status all inbox doveadm batch : mailbox list Any assistance gratefully received. Debug output from the crash: Debug: Loading modules from directory: /usr/lib64/dovecot Debug: Module loaded:
2010 Aug 29
1
Different IPs should use different ssl-certs/keys
I don't understand how to use multiple keys/certs on different IPs without SNI. http://wiki2.dovecot.org/SSL/DovecotConfiguration explains how to use different keys for different protocols like POP3 and IMAP. But how to bind those keys/ on IPs/Ports? Looks like it is not possible to use ssl_cert inside service { inet_listener {} } Is it still necessary to run multiple instances like
2018 Jul 23
0
dovecot sometimes sends non-default SSL cert if IMAP client won't send SNI
Can you provide some details on what those openssl commands returned? Aki On 20.07.2018 12:14, Martin Johannes Dauser wrote: > Hi, > > I recognised some funny behaviour on my server. IMAP clients which > won't send an Server Name Indication (SNI) sometimes get the wrong > certificate. I would expect that those clients always get the default > certificate (of my new
2012 Aug 07
4
pop3 proxying error
Hi Timo, I've got some errors with pop3 proxying and dovecot 2.1.9 I's occured on the proxy side: Aug 7 13:16:47 dev1 dovecot: pop3-login: Fatal: master: service(pop3-login): child 23046 killed with signal 11 (core dumped) Server side shows no error, and runs the same dovecot version. Thanks for your help. Best regards Tonio Buonaguidi Core dump: GNU gdb (GDB) 7.4.1-debian
2014 Jun 18
1
VPN address of the remote host
Hello, Please bear with my inexperience ;) Some tinc configuration examples available on the Internet include a statement like this: "route add -net $subnet netmask $netmask gw $remote_ip", where $remote_IP is the VPN address of the remote host. Q1: Does this statement modify the behaviour of tinc (as compared to "ifconfig $interface $local_ip netmask $netmask")? Q2: If it
2015 Sep 24
2
v2.2.19 release candidate released
On 09/24/2015 09:23 AM, Jean-Baptiste Vignaud wrote: > Hello; > > Some issue with virtual storage and fts-lucene: > > Sep 24 08:12:16 imap(jbv00 at x <jbv00 at d1.dc.xandmail.com>xx): Panic: file > virtual-storage.c: line 370 (virtual_backend_box_close): assertion failed: > (mbox->backends_open_count > 0) Fixed: http://hg.dovecot.org/dovecot-2.2/rev/4b5b8e6a4a32
2020 Oct 15
2
how to set smtp-client -> submission_relay_host for IPv4 only?
On 10/15/20 2:02 PM, jeremy ardley wrote: >> how/where do I configure (just) the dovecot smtp-client -> submission_relay_host to only connect IPv4? > > It appears your host has A and AAAA records in your DNS. The clients will try IPV6 first if they see an AAAA record. > > If you don't need IPV6 for your host remove the AAAA record. All connections will then only use
2016 Sep 03
2
doveadm quota recalc returns a Segmentation fault
Hi, with the latest dovecot-ee version (2.2.25.4 (5cb7c97)) if I run ?doveadm quota recalc -u alessio at skye.it? dovecot return a ?Segmentation fault? (but the quota is update fine). Since dovecot version 2.2.24.3 (55cdc32) works fine. This is my quota backends configuration: plugin { quota = maildir:UserQuota quota2 = dict:Quota Usage::noenforcing:proxy::sqlquota } dict { sqlquota
2005 Aug 28
3
Polycom Reboot Script
Hello, I'm trying to setup the revised Polycom remote reboot script as found on: http://www.voip-info.org/tiki-index.php?page=Polycom+reboot+hardphone+script I'm not sure how to use this script, it's just a perl script, so I tried creating an executable perl script and running it, but I get the following: [root@asterisk1 agi-bin]# ./polycom_reboot.pl 192.168.3.205 Checking ARP
2004 Jan 22
2
Polycom Reboot Script - Please wiki-size me
With my thanks to Brian West and his offering in the thread, "Subject: Re: [Asterisk-Users] Remote reload Cisco 7960" I offer PolyReboot.pl, a perl script for rebooting Polycom IP Phones PolyReboot.pl takes an IP address as a single argument and reboots the phone. You must have a cfg file in the Polycom style, i.e., 00ab00cd00ef.cfg - all lower case. Further, you need to use ftp for
2004 Nov 29
1
Polycom Reboot Script PRI errors!!
Kevin wrote: > There is a reboot script posted on the wiki to reboot Polycom > telephones. When I execute this script, I get the following messages. > I am concerned as this is causing issues with asterisk and the PRI. > Does anyone have any ideas why this would be happening? > > > > asterisk console: > > -- Remote UNIX connection > -- Remote UNIX
2016 Nov 20
2
LDAP auth problems "unknown user"
Hi, I am setting up a dovecot instance to host a bunch of virtual domains, with ldap backing for auth. I am using a single hostname for test purposes, with a couple of entries in the diectory. If I use auth binds I get a result, but this does not suit the end purpose of the server. If I use ldapsearch with the same base, search filter, and credentials as the ldap auth config I get the correct