Displaying 20 results from an estimated 1000 matches similar to: "]UG] Dovecot 2.2.9 SSL client cert verification fails: openssl verify: OK"
2016 Jun 15
0
https and self signed
On Jun 15, 2016, at 9:38 AM, Warren Young <wyml at etr-usa.com> wrote:
>
> On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote:
>
>> I do not see neither starttls.com nor letsencrypt.org between Authorities
>> certificates.
>
> That?s because they are not top-tier CAs.
I forgot to mention that letsencrypt.com uses one of its
2016 Jun 15
1
https and self signed
On Wed, June 15, 2016 10:48 am, Warren Young wrote:
> On Jun 15, 2016, at 9:38 AM, Warren Young <wyml at etr-usa.com> wrote:
>>
>> On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu>
>> wrote:
>>
>>> I do not see neither starttls.com nor letsencrypt.org between
>>> Authorities
>>> certificates.
>>
2009 Dec 29
0
{SOLVED} Re: OT: What are the 2 openssl commands I need to use?
On Tue, Dec 29, 2009 at 12:36 PM, Lanny Marcus <lmmailinglists at gmail.com> wrote:
> I looked on the openssl man page but am too dense with commands to
> understand what I need to do..... ? Ran into problems generating a key
> and CSR for SSL, ?because the web site is on a server with an old
> Ensim Control Panel. ?Please someone knowledgeable, ?give me the
> openssl commands
2013 May 18
1
How to configure ssl cert chain in dovecot 10-ssl.conf file
Hi there,
Does anyone know how to do this:
"Put all the certificates in the ssl_cert file. For example when using a certificate signed by TDC the correct order is:
Dovecot's public certificate
TDC SSL Server CA
TDC Internet Root CA
Globalsign Partners CA "
I try to set these parameters in the conf.d/10-ssl.conf as below, but it seems doesn't work.
---
2014 Sep 25
2
SSL issues when proxying
I'm getting this in the log when proxying IMAP (three "valid
certificate" messages, two "Invalid certificate" messages)
Why is dovecot (acting as a proxy to another dovecot instance here) not
recognizing the StartCom Extended Validation Server CA?
. LOGIN ralf.hildebrandt at charite.de mypassword
Sep 25 14:13:04 auth-worker(30859): Info: mysql(sql.charite.de): Connected
2015 Mar 03
1
Ignorant question on SSL certs
Greg Bailey wrote:
>> I'm really just asking if I cannot just use what I take to be
>> the standard openssl certificate and key in /etc/pki/tls/
>> Do I really have to create up a special cert for dovecot?
> There's not really a "standard" SSL certificate. Perhaps you're
> referring to a "default" certificate used by the webserver?
No. I
2015 Jan 12
2
Dovecot replication over TCP/SSL, certificate error
Hi All,
I'm running TCP-based dsync replication on two dovecot nodes. Nowdays i
tried to enable SSL (TCPS).
I changed mail_replica prefix from tcp:* to tcps:* and added ssl=yes to the
inet_listener.
Then on running *doveadm sync* i'm getting the following message:
"
*doveadm(example at example.com <example at example.com>): Error: Couldn't
initialize SSL context: Can't
2015 Nov 12
2
Problems after upgrade from 2.0 to 2.2
Hi all,
after upgrade from some 2.0 version to 2.2.19 (debian) i face map login problems:
# doveconf -n
# 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.9
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
auth_verbose_passwords = plain
debug_log_path = /var/log/dovecot-debug.log
hostname = test.my.domain.de
2015 Mar 03
0
Ignorant question on SSL certs
On 03/03/2015 08:12 AM, Timothy Murphy wrote:
> Jason Pyeron wrote:
>
>>> I'm getting endless complaints about my dovecot cert,
>> Exact message please?
> The certificate does not apply to the given host
> The certificate is not signed by any trusted certificate authority
>
>>> Do I really have to use a separate cert and key for dovecot?
>>> Can
2017 Feb 02
0
SNI with mixed certs
Dovecot SNI is failing hard today. Server with n domains, each with a startssl certificate of its own, all certificates expired this morning. Decision: move to Letsencrypt. Firsr certificate issued and installed. Other domains in the pipeline. Dovecot server rebooted. Expected result: one domain returning the new cert, and the n-1 domains returning the expiration notification. Actual result: the
2015 Jan 12
0
Dovecot replication over TCP/SSL, certificate error
Am 12.01.2015 um 13:29 schrieb Jonas Plitt:
> *doveadm(example at example.com <example at example.com>): Error: Couldn't
> initialize SSL context: Can't load CA certs from directory /etc/ssl/certs:
> error:02001024:system library:fopen:File name too longdoveadm: Error:
> Failed to iterate through some users*"
>
> this is my config (part):
>
> *ssl_cert =
2013 Sep 13
3
SSL with startssl.com certificates
I'm using Dovecot 2.2.5. I'm setting up and new IMAPS server for
personal use (i.e. only me).
I have success with self-signed certificates but not with others (e.g.
StartSSL.com)
With StartSSL certs:
I've been able to connect and test commands via: openssl s_client
-connect imaps.unixathome.org:993
Can you configure your iPhone or Macbook to access the above?
Authentication
2015 Feb 10
0
Slow replication
Hi,
I'm running two Dovecot 2.2.9 Servers running replication. Users are the
same.
My Replication is very slow. Mails from Server one appear on Server two
after 1-3 hours. Rarely i can see duplicated mails (Log message "Expunged
message reappeared. Setting new UID").
This is my doveconf -n output:
> # 2.2.9: /etc/dovecot/dovecot.conf
> # OS: Linux 3.13.0-44-generic x86_64
2016 Jun 15
8
https and self signed
On Jun 15, 2016, at 7:57 AM, ????????? ???????? <nevis2us at infoline.su> wrote:
>
> Nowadays it's quite easy to get normal ssl certificates for free. E.g.
>
> http://www.startssl.com
> http://buy.wosign.com/free
Today, I would prefer Let?s Encrypt:
https://letsencrypt.org/
It is philosophically aligned with the open source software world, rather than act as bait
2010 Apr 08
1
ssh-add -s /usr/lib/opensc-pkcs11.so does not work
Dear friends,
First, thanks for helping me on ssh default option for smartcards. I
recompiled SSH from CVS and it seems to work.
I still have problems with:
ssh-add -s /usr/lib/opensc-pkcs11.so
Enter passphrase for PKCS#11: (I enter PIN code)
SSH_AGENT_FAILURE
Could not add card: /usr/lib/opensc-pkcs11.so
pkcs11-tool --slot 1 -O
Public Key Object; RSA 2048 bits
label: Public Key
ID:
2015 Nov 12
0
Problems after upgrade from 2.0 to 2.2
Hi,
On 2015-11-12 08:03, Frank Rust wrote:
> Hi all,
> after upgrade from some 2.0 version to 2.2.19 (debian) i face map
> login problems:
>
> # doveconf -n
> # 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.9
> # OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4
> auth_debug = yes
> auth_debug_passwords = yes
> auth_verbose = yes
>
2015 Nov 12
1
Problems after upgrade from 2.0 to 2.2
Thanks a lot!
This was added by a new debian package file! They added the 15-mailboxes.conf file with this input-namespace.
It?s a bad thing. For changed configuration the installer asks which version, old or new to take, but new files are installed without confirmation. But that?s a debian problem, not dovecot.
Best regards,
Frank
> Am 12.11.2015 um 08:58 schrieb Christian Kivalo
2012 May 08
2
Thunderbird STARTTLS error
Hello,
the error is still present:
May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth
attempts): rip=82.113.119.140, lip=78.46.216.126
Whenever I start a session with openssl to STARTTTL (Server:
mail.opsys.de) the handshake is successfull. Also I am able to login to
my account via 1 login.
In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on port
143 isn't
2018 Sep 17
0
Proxy secured incoming POP3/IMAP4 to unsecure backend?
Thank you!
Ok, so I can omit ssl=no and startssl=no, and this results in default
settings for ssl which is 'off'? Or the defaults are 'on' anyway?
Can I somehow specify ports on remote hosts that proxy will use to connect
to? Like (just image): 'proxy host_imap=10.1.1.1:143 host_pop=10.1.1.1:110'
or somehow?
On Mon, Sep 17, 2018 at 4:33 PM Aki Tuomi <aki.tuomi at
2016 Oct 10
1
Hierarchy separator and LAYOUT=FS change
Hello,
I stumbled across a 5-year-old post on the dovecot list about changing the dovecot hierarchy separator to enable shared mailboxes (http://www.dovecot.org/list/dovecot/2011-January/056201.html <http://www.dovecot.org/list/dovecot/2011-January/056201.html>).
At the moment I?m stuck in a pretty similar situation. Migrated from courier to dovecot 2 years ago and preserved the