similar to: service doveadm : ssl problems

Have you specified the path to ca-certificates? On Debian it's normally something like that #10-ssl.conf ssl_client_ca_dir = /etc/ssl/certs see http://wiki.dovecot.org/Replication#SSL Am 10.11.2016 um 16:09 schrieb nerbrume at free.fr: > Hello, > > I'm using dovecot 2.2.13 on Debian stable. > My users are authenticated through PAM, and stored in an LDAP backend >

Hello, I tryed to eneble TLS connection from postfix to dovecot lmtp. Unfortunely I have problem with certificate, postfix shows, 2015-07-27T12:51:15.025333+02:00 k30 postfix/lmtp[4572]: Untrusted TLS connection established to 192.168.67.30[192.168.67.30]:24: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) I checked certs by openssl s_client: #openssl s_client -connect

Hi, I'm trying to configure a Dovecot dsync service between two servers, using a tcp+ssl connection and a valid Let's Encrypt certificate. I followed the guide on the wiki (http://wiki.dovecot.org/Replication) using the tcps method, but when I launch the replication it fails writing on the log (/var/log/mail.err): (Server 1 - sync "client" )| Error: sync: Disconnected from

On 01/05/2017 08:55 PM, Juri wrote: > 5 Gennaio 2017 01:21, "John Fawcett" <john at voipsupport.it> wrote: > >> On 01/04/2017 08:40 PM, Juri wrote: >> >> > Thank you. > > In fact I tried both settings, that is > |ssl_client_ca_dir = /etc/ssl/certs > |ssl_client_ca_file = /etc/letsencrypt/live/mail.dividebyzero.it/chain.pem > but with no

Hi people, i have a problem with trying ldaps i use autogenerated self-signed certificate, i write in smb this: tls enabled = yes tls keyfile = tls/key.pem tls certfile = tls/cert.pem without cafile when i try to verify with: openssl verify /usr/local/samba/private/tls/myCert.pem it said me unable to verify the first certificate and if add -CApath works! and finally when i try from another

On 8/29/19 3:03 AM, Gary Stainburn wrote: > https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized." What do you see when you run: ??? openssl s_client -showcerts -connect us-east.repo.webtatic.com:443

Hi all, Does anyone know if it exists a patch for OpenSSH for Windows to allow authentication through certificates? Is it possible to make one if it doesn't exists? Using OpenSSH for Windows 3.8p1-1 20040709 Build. I know there is Roumen Petrov patch, but is for unix machines if i'm not mistaken. I need a similar one for Windows that work with the Roumen Petrov patch so i can have

I have several samba servers on Debian 10 all using : samba 2:4.9.5+dfsg-5+deb10u1 amd64 I use tls cafile, tls certfile and tls keyfile with certificates from Sectigo (https://cert-manager.com) And when checking my connexion from the samba server, or from outside, I've got "unable to verify the first certificate" even if tls_cafile is provided in smb.conf. What is wrong

Am 2019-08-29 17:36, schrieb Gary Stainburn: > On Thursday 29 August 2019 16:20:00 Alexander Dalloz wrote: >> Hi, >> >> yum uses libcurl behind the scenes and thus NSS and not OpenSSL. >> >> Do you get something indicative when running: >> >> URLGRABBER_DEBUG=1 yum --disablerepo=\* --enablerepo=webtatic >> check-update >> >>

On Fri, 2015-04-17 at 10:46 +0200, Luca Olivetti wrote: > El 17/04/15 a les 06:26, Fred Smith ha escrit: > > I'm trying to confirm that LDAP traffic is encrypted on my Samba 4 DC. I > > have read and followed https://wiki.samba.org/index.php/Setup_LDAPS_on_a_DC > > but when I attempt to connect to the DC on port 636 or via ldaps:// or both > > via ldapsearch (linux)

Hello, I've a not really dovecot specific problem with my certificate. Since the OpenSSL documentation isn't what I expect to be at least good, I hope someone here can give me a hint how/where fo fix it; I've created a root-Certificate with almost untouched openssl.cnf and issued a server-certificate for dovecot. This cert and it's key I placed in somewhat like /var/dovecot.

Hi all, i have had sip TLS with an own signed certificate (using the ast_tls_cert script) running on asterisk-1.8.8 - i then have updated to 1.8.9.3 - and now i get the message "FILE * open failed!" I have already recreated the certificates with the script - but still no luck... Does anyone here know the source of the problem ? best regards, Wolfgang Pichler

Hi, I recognised some funny behaviour on my server. IMAP clients which won't send an Server Name Indication (SNI) sometimes get the wrong certificate. I would expect that those clients always get the default certificate (of my new domain), instead in about 20 to 50% of connections the certificate of my old domain will be presented. (sample rate was 3 times 30 connections) Clients sending SNI

Sure, and thanks for trying to help! These are the two correct answers when SNI is included. The certificates are fully chained. Both certificates carry the same subject mail.cs.sbg.ac.at but differ in Subject Alternative Name (SAN). X509v3 Subject Alternative Name:? ? DNS:mail.cs.sbg.ac.at, DNS:smtp.cs.sbg.ac.at, DNS:imap.cs.sbg.ac.at, DNS:pop.cs.sbg.ac.at X509v3 Subject Alternative Name:? ?

On 8/30/19 5:52 AM, Gary Stainburn wrote: > Incidentally, the*good* server that I was referencing my broken server against has decided to start giving the curl certificate errors in the same way that the broken one did. Very strange. I ran It's possible that the error is unrelated to the ca-certificates file.? You'll only see it if yum selects a mirror that uses a Let's Encrypt

Hey list, I was having a similar SSL/openLDAP problem to this last week. I had a chance to look at this again today and it still appears to not be working. I called godaddy and had the last cert cancelled and reissued as I had mis-typed the name of the CN on the last one. I am trying to setup a Godaddy turbo SSL certificate with an openLDAP 2.4 server under FreeBSD 8.1. The clients are mainly

Hi, I'm trying to convert my LDAP server into a LDAPS server to secure the users logins, but I don't know what's the procedure to do it. Someone knows any guide to do it? For now: - I've created a CA cert on the server - I've created the cert and key for the domain pdc - I've signed that cert with CA cert. - I've followed the post in samba wiki about

Hi there guys, do not know if post this here or in openldap list, sorry if I disturb you. I configured samba+ldap as a PDC and byt now it's working fine, so, I decided to put some security to the stuff. The problem is that I coudl not make it work, here I what I've done. This is what netstat shows. tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:636 0.0.0.0:* LISTEN tcp 0 0

This change adds cainfo and capath options to the curl plugin. They refer directly to CURLOPT_CAINFO and CURLOPT_CAPATH, as documented in libcurl. Signed-off-by: Wiktor Gołgowski <wiktor.golgowski@linux.intel.com> --- plugins/curl/curl.c | 16 ++++++++++++++++ plugins/curl/nbdkit-curl-plugin.pod | 9 +++++++++ 2 files changed, 25 insertions(+) diff --git

I'm really racking my brain trying to figure this one out here. I am running a pop3 server for remote offices on CentOS 5.2. We purchased a SSL cert from Verisign and installed it on our dovecot server, but I continue to get failure problems with the cert and I don't know where to go from here. here is some info about our config: dovecot version: # dovecot --version 1.0.7 hostname: