similar to: Dovecot replication over TCP/SSL, certificate error

Am 12.01.2015 um 13:29 schrieb Jonas Plitt: > *doveadm(example at example.com <example at example.com>): Error: Couldn't > initialize SSL context: Can't load CA certs from directory /etc/ssl/certs: > error:02001024:system library:fopen:File name too longdoveadm: Error: > Failed to iterate through some users*" > > this is my config (part): > > *ssl_cert =

Hi all, after upgrade from some 2.0 version to 2.2.19 (debian) i face map login problems: # doveconf -n # 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.9 # OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4 auth_debug = yes auth_debug_passwords = yes auth_verbose = yes auth_verbose_passwords = plain debug_log_path = /var/log/dovecot-debug.log hostname = test.my.domain.de

I'm getting this in the log when proxying IMAP (three "valid certificate" messages, two "Invalid certificate" messages) Why is dovecot (acting as a proxy to another dovecot instance here) not recognizing the StartCom Extended Validation Server CA? . LOGIN ralf.hildebrandt at charite.de mypassword Sep 25 14:13:04 auth-worker(30859): Info: mysql(sql.charite.de): Connected

Hello, the error is still present: May 8 19:47:18 opsys dovecot: imap-login: Disconnected (no auth attempts): rip=82.113.119.140, lip=78.46.216.126 Whenever I start a session with openssl to STARTTTL (Server: mail.opsys.de) the handshake is successfull. Also I am able to login to my account via 1 login. In Thunderbird port 993 for SSL/TLS works correct, only STARTTLS on port 143 isn't

Hi there, Does anyone know how to do this: "Put all the certificates in the ssl_cert file. For example when using a certificate signed by TDC the correct order is: Dovecot's public certificate TDC SSL Server CA TDC Internet Root CA Globalsign Partners CA " I try to set these parameters in the conf.d/10-ssl.conf as below, but it seems doesn't work. ---

Folks, I am terribly puzzled by an issue reported as bug 2381 [http://bugs.centos.org/view.php?id=2381] ? definitely an upstream bug, as it does the same under X/OS 5 and StartCom 5. Simply put: Hibernation fails with horrendous I/O errors after swsusp starts dumping to swap. What bugs me is that hibernating from the CentOS 5 LiveCD *works*!!! (on the same hardware) How could I investigate to

Greetings all, I have verified a bug that has long been attributed to lack of knowledge on the part of the user. Dovecot rejects StartSSL client certificates due to reject StartSSL root CA when doing client verification even though the appropriately constructed ca-bundle.pem has been created and applied vi ssl_ca = </etc/dovecot/ca-bundle.pem. openssl verify -CAfile ca-bundle.pem

Hello Folks, my StartCom SSL-Certificate expires soon and so I wanted to switch to Let's Encrypt Certificates instead. Unfortunatelly Thunderbird seems not to like it, although all -tested- other Clients work without any problems. When I connect with Thunderbird it sends an "Encrypted Alert" directly after the TLS handshake although Dovecot wants to continue the session. In the

On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > > I do see WoSign there (though I'd prefer to avoid my US located servers > have certificates signed by authority located in China, hence located sort > of behind "the great firewall of China" - call me superstitious). That?s a perfectly valid concern. The last I heard, modern

Hi, I'm running two Dovecot 2.2.9 Servers running replication. Users are the same. My Replication is very slow. Mails from Server one appear on Server two after 1-3 hours. Rarely i can see duplicated mails (Log message "Expunged message reappeared. Setting new UID"). This is my doveconf -n output: > # 2.2.9: /etc/dovecot/dovecot.conf > # OS: Linux 3.13.0-44-generic x86_64

Does anyone know how to submit wishes to the EPEL Wishlist here? http://fedoraproject.org/wiki/EPEL/WishList It reads "Immutable Page". They say: "Please add packages that are part of Fedora but lack a EPEL maintainer to this list", but there is no way to do that! They don't say if "Packages part of Fedora" means "Core" or it can be Extras too, but

Dear friends, First, thanks for helping me on ssh default option for smartcards. I recompiled SSH from CVS and it seems to work. I still have problems with: ssh-add -s /usr/lib/opensc-pkcs11.so Enter passphrase for PKCS#11: (I enter PIN code) SSH_AGENT_FAILURE Could not add card: /usr/lib/opensc-pkcs11.so pkcs11-tool --slot 1 -O Public Key Object; RSA 2048 bits label: Public Key ID:

On Jun 15, 2016, at 9:38 AM, Warren Young <wyml at etr-usa.com> wrote: > > On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > >> I do not see neither starttls.com nor letsencrypt.org between Authorities >> certificates. > > That?s because they are not top-tier CAs. I forgot to mention that letsencrypt.com uses one of its

xxxx at imapproxy01:/etc/dovecot/conf.d$ dovecot -n# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf# Pigeonhole version 0.5.7.2 ()# OS: Linux 5.4.0-1031-azure x86_64 Ubuntu 20.04.1 LTS# Hostname: imapproxy01.trf04sdec2hu1b4wur4lazeo3f.px.internal.cloudapp.netauth_verbose = yesdisable_plaintext_auth = noimapc_host = imap.gmail.comimapc_password = # hidden, use -P to show itimapc_port = 993imapc_ssl

On Wed, June 15, 2016 10:48 am, Warren Young wrote: > On Jun 15, 2016, at 9:38 AM, Warren Young <wyml at etr-usa.com> wrote: >> >> On Jun 15, 2016, at 9:02 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> >> wrote: >> >>> I do not see neither starttls.com nor letsencrypt.org between >>> Authorities >>> certificates. >>

Hi, On 2015-11-12 08:03, Frank Rust wrote: > Hi all, > after upgrade from some 2.0 version to 2.2.19 (debian) i face map > login problems: > > # doveconf -n > # 2.2.19 (ca91d540fd87): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.4.9 > # OS: Linux 2.6.32-5-amd64 x86_64 Debian 8.2 ext4 > auth_debug = yes > auth_debug_passwords = yes > auth_verbose = yes >

Although I know the basics about getting and installing web and mail server ssl certs, I haven't had to "purchase" and do it "myself" for some time. i always had someone else dealing with it. I am wondering what you folks on the list are using on your centos web and mail servers :-) Are you making your own or are you purchasing them from godaddy, thawte, geotrust,

thanks for your reply i intentionaly put the wrong password and checked the dovecot log and the message i got was # tail -f /var/log/dovecot.log | grep "xxx at yyy.com" Nov 25 08:47:46 imap-login: Info: Aborted login (auth failed, 1 attempts in 2 secs): user=<xxx at yyy.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<xObTWqYIwgB/AAAB> but in the

Thanks a lot! This was added by a new debian package file! They added the 15-mailboxes.conf file with this input-namespace. It?s a bad thing. For changed configuration the installer asks which version, old or new to take, but new files are installed without confirmation. But that?s a debian problem, not dovecot. Best regards, Frank > Am 12.11.2015 um 08:58 schrieb Christian Kivalo

https://bugzilla.mindrot.org/show_bug.cgi?id=1751 Summary: ssh-add -s /usr/lib/opensc-pkcs11.so does not work Product: Portable OpenSSH Version: 5.4p1 Platform: amd64 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Smartcard AssignedTo: unassigned-bugs at mindrot.org