similar to: Dovecot dsync tcps sends incomplete certificate chain

On 01/05/2017 08:55 PM, Juri wrote: > 5 Gennaio 2017 01:21, "John Fawcett" <john at voipsupport.it> wrote: > >> On 01/04/2017 08:40 PM, Juri wrote: >> >> > Thank you. > > In fact I tried both settings, that is > |ssl_client_ca_dir = /etc/ssl/certs > |ssl_client_ca_file = /etc/letsencrypt/live/mail.dividebyzero.it/chain.pem > but with no

5 Gennaio 2017 01:21, "John Fawcett" <john at voipsupport.it> wrote: > On 01/04/2017 08:40 PM, Juri wrote: > >> Hi, >> I'm trying to configure a Dovecot dsync service between two servers, using a tcp+ssl connection and >> a valid Let's Encrypt certificate. >> I followed the guide on the wiki (http://wiki.dovecot.org/Replication) using the

Hello, I'm using dovecot 2.2.13 on Debian stable. My users are authenticated through PAM, and stored in an LDAP backend I'm trying to set-up replication with ssl, following (mainly) this : http://wiki2.dovecot.org/Replication 1) I only diverted from the instructed setup by not setting "doveadm_port = 12345", as it would give me errors of the like: > Fatal:

Hi, Dovecot 2.2.32-34 FreeBSD 10.4 Solr 7.2.1(Centos 6) When I try to use https to connect to solr, I get error when a self-signed certificate: Mar 3 05:15:47 server dovecot: indexer-worker(email at domain.com): Received invalid SSL certificate: self signed certificate: /C=Country/ ST=State/L=Location/O=Organization/OU=Organizational Unit/CN=solr.domain.com Mar 3 05:15:47 server dovecot:

> On 05/07/2020 19:43 Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > On 04/07/2020 21:12 la.jolie at paquerette <la.jolie at paquerette.org> wrote: > > > > > > Hello, > > > > I'm trying to configure roundcube / dovecot to work with keycloak. > > I activated xoauth2 oauthbearer in dovecot. > > But a problem

I've installed LE certs on my Dovecot a while back, and, it has been working OK since, but, today, an iPhone user said he can't get emails as iphone says 'cert is expired', searching around, I see some other iPhone similar issues reported, do I have my conf correct, I have; # cat dovecot.conf | grep ssl ssl = required verbose_ssl = no ssl_cert =

On 8/29/19 3:03 AM, Gary Stainburn wrote: > https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized." What do you see when you run: ??? openssl s_client -showcerts -connect us-east.repo.webtatic.com:443

Hi, I am running dovecot 2.2.22-1ubuntu2.4 on a ubuntu 16.04 server. It has a valid Letsencrypt certificate but the problem also happens with a self-digned one. Only openssl s_client -connect localhost:993 works fine and fast, while all MUA's and telnet does not. Telnet timeouts waiting for banner after a minute or so: root at netuno:~# openssl s_client -connect localhost:993

Hello, I'm trying to configure roundcube / dovecot to work with keycloak. I activated xoauth2 oauthbearer in dovecot. But a problem occurs when dovecot tries to contact the keycloak server (logs are below). My problem looks like this one: https://dovecot.org/pipermail/dovecot/2019-December/117768.html The response to this problem was about a bug in oauth driver

Dovecot v2.2.18 OS: FreeBSD 10.1/amd64 Dovecot in proxy mode ignores the root certificate store and can't verify the backend's SSL certificate. I've pointed ssl_client_ca_file to my root certificate store, but I suspect ssl_client_ca_file is only used in imapc context. It seems to be ignored in proxy context. doveconf -n ssl_client_ca_file: ssl_client_ca_file =

Hi all, We'd like to enable OAuth with Keycloak in Dovecot, after enabling 'OAUTHBEARER XOAUTH2' in Dovecot based on online document, I can confirm Dovecot is ready for OAuth using openssl command, however when the auth request comes in, it failed in establishing a SSL connection with Keycloak server on port 443, shown as following in debug logs. I can confirming using commands

Op 8-2-2017 om 21:07 schreef Jan Vonde: > Am 07.02.2017 um 12:29 schrieb Stephan Bosch: >> >> Op 31-1-2017 om 6:33 schreef Jan Vonde: >>> Am 31.01.2017 um 00:04 schrieb Stephan Bosch: >>>> Op 1/22/2017 om 12:01 PM schreef Stephan Bosch: >>>>> Op 1/22/2017 om 10:01 AM schreef Jan Vonde: >>>>>> I tried adding the following settings

Op 31-1-2017 om 6:33 schreef Jan Vonde: > Am 31.01.2017 um 00:04 schrieb Stephan Bosch: >> Op 1/22/2017 om 12:01 PM schreef Stephan Bosch: >>> Op 1/22/2017 om 10:01 AM schreef Jan Vonde: >>>> I tried adding the following settings but that didn't help: >>>> ssl_ca = < /etc/ssl/certs/ca-certificates.crt >>>> ssl_client_ca_dir =

Hello! Dovecot manages different domains. Today I renewed the certifiactes from letsencrypt and since that time, dovecot does not recognized the certs for different domains anymore: This is part of my config: ssl = yes ssl_cert = < /etc/letsencrypt/live/bitcorner.de/fullchain.pem ssl_key = < /etc/letsencrypt/live/bitcorner.de/privkey.pem local 37.120.166.21 { # instead of IP you can also

I have several samba servers on Debian 10 all using : samba 2:4.9.5+dfsg-5+deb10u1 amd64 I use tls cafile, tls certfile and tls keyfile with certificates from Sectigo (https://cert-manager.com) And when checking my connexion from the samba server, or from outside, I've got "unable to verify the first certificate" even if tls_cafile is provided in smb.conf. What is wrong

On Thu, 11 Jan 2018 12:20:45 +0200, Aki Tuomi wrote: > Was the certificate path bundled in the server certificate? No, as a separate file, provided from the local (intermediate) CA: ssl_cert = </etc/openssl/certs/server.cert ssl_key = </etc/openssl/private/server.key ssl_ca = </etc/openssl/certs/ca-cert-chain.pem Worked fine with 2.2.x, 2.3 gives % openssl s_client -connect XXX:993

The result is the same with or without "<" before the file path. With "<" the inode atime is updated at Dovecot startup, so the file is at least opened, but Dovecot still can't verify the cert. The only place in the Wiki that shows an example of ssl_client_ca_file is on this page, and there's no "<" in front of the file path:

Hello, I have 2 Dovecot 2.3.8 servers running SSL with valid wildcard certificates. Email clients connect fine, https://www.immuniweb.com/ssl/ tests show certificates are ok. However I can't make replication work when I add ssl = yes. Without ssl it works ok. I added verbose_ssl in config and error log shows: dovecot: doveadm(149.x.x.x): Error: SSL handshake failed: SSL_accept()

Hi, I've been seeing errors logged for some time with replication processes, whereby replication sessions seem to be timing out periodically. This is with dovecot version 2.3.10.1 (a3d0e1171) and both are Gentoo x86_64. After some investigation I've determined that these timeouts are only ever occurring with tcps as the replication connection type. These errors never occur if