Displaying 20 results from an estimated 2000 matches similar to: "Dovecot dsync 'ssl_client_ca'"
2017 Feb 03
4
Dovecot dsync 'ssl_client_ca'
Hi,
I have made change:
ssl_protocols = !SSLv2 !SSLv3
ssl = required
verbose_ssl = no
ssl_key = </etc/ssl/private/private.key
ssl_cert = </etc/ssl/certs/key.crt
ssl_client_ca_file = </etc/ssl/certs/GandiCA2.pem
# Create a listener for doveadm-server
service doveadm {
user = vmail
inet_listener {
port = 12345
ssl= yes
}
}
and doveadm_port = 12345 // mail_replica =
2017 Feb 06
2
Dovecot dsync 'ssl_client_ca'
Hi Aki,
I do not have any error message but (on both server):
doveadm replicator status '*'
doveadm(root): Fatal: net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: Connection refused
Thx
Le vendredi 3 f?vrier 2017 ? 17:09:52, vous ?criviez :
> Please keep responses in list. rm -f
> /var/lib/dovecot/ssl-parameters.dat, i think it was in that dir.
> On
2017 Feb 07
2
Dovecot dsync 'ssl_client_ca'
Bonjour Markus,
> - Have you checked that port 12345 as specified below is open/forwarded
> and actually /used/ by dovecot (e.g., use "netstat -tulpn|grep dovecot")?
Yes of course:
tcp 0 0 0.0.0.0:12345 0.0.0.0:* LISTEN 22025/dovecot
tcp6 0 0 :::12345 :::* LISTEN 22025/dovecot
> -
2017 Feb 03
0
Dovecot dsync 'ssl_client_ca'
Please keep responses in list. rm -f
/var/lib/dovecot/ssl-parameters.dat, i think it was in that dir.
On 2017-02-03 17:00, Thierry wrote:
> Hi,
>
> I have removed the '<' :
>
> ssl_client_ca_file = /etc/ssl/certs/GandiCA2.pem
>
> But now:
>
> doveadm: Error: Corrupted SSL parameters file in state_dir: ssl-parameters.dat - disabling SSL 360
> doveadm:
2017 Feb 06
0
Dovecot dsync 'ssl_client_ca'
Dear Thierry,
- Have you checked that port 12345 as specified below is open/forwarded
and actually /used/ by dovecot (e.g., use "netstat -tulpn|grep dovecot")?
- Did you retrace your steps and have you verified that synchronisation
works with ssl disabled?
- Did you verify your certificate files (e.g., "openssl verify -verbose
-CAfile /etc/ssl/certs/GandiCA2.pem
2017 Feb 03
0
Dovecot dsync 'ssl_client_ca'
Hello,
On 02/03/2017 08:51 AM, Thierry wrote:
> Hello,
>
> Still working with my dsync pb.
> I have done a clone (vmware) of my email server.
> Today I have two strictly identical emails servers (server1
> (main) and server2 (bck) (except IP, hostname and mail_replica).
>
> The ssl config on my both server:
>
> ssl_protocols = !SSLv2 !SSLv3
> ssl =
2017 Mar 20
2
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
* Aki Tuomi <aki.tuomi at dovecot.fi>:
>
>
> On 20.03.2017 14:30, Ralf Hildebrandt wrote:
> > ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt
>
> Leave the < out. It is misleading, I know, but it does say file. =)
Makes no difference:
# doveconf |fgrep ssl_client_ca
ssl_client_ca_dir =
ssl_client_ca_file = /etc/ssl/certs/ca-certificates.crt
and with
2017 Mar 20
4
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
Hi!
I upgraded the 2.2 packages today (from 2:2.2.28-1~auto+5 to 2:2.2.28-1~auto+8) I now I'm getting an error:
Mar 20 13:25:58 mproxy dovecot: auth: Error: imapc(email.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
I checked, and alas, I had
ssl_client_ca_dir =
ssl_client_ca_file =
So I set:
2017 Jan 23
2
dsync dovecot / Failed connection refused
Dear all,
I am using VMWare and I have cloned my emails server.
Now I do have two identicals servers, both running the same version of dovecot (2.2.13) and imap.
Let's call them: server1.domain.ltd and server2.domain.ltd.
I would like to sync both server using dsync.
Dovecot is working well except concerning the sync.
dsync config server1.domain.ltd
# Enable the replication plugin
2017 Jan 24
3
dsync dovecot / Failed connection refused
Hi Mike,
Is the value of the 'doveadm_port' if I am choosing: mail_replica =
tcp:server1.domain.ltd no ?
I might be wrong too ;)
Thx
Le mardi 24 janvier 2017 ? 11:41:28, vous ?criviez :
> Hello,
> I might be wrong, but the port which will be used for the replicator
> port is the value of 'doveadm_port' which in your case is 4711.
> Mike;
> On 01/23/2017
2017 Jan 04
3
Dovecot dsync tcps sends incomplete certificate chain
Hi,
I'm trying to configure a Dovecot dsync service between two servers, using a tcp+ssl connection and
a valid Let's Encrypt certificate.
I followed the guide on the wiki (http://wiki.dovecot.org/Replication) using the tcps method, but
when I launch the replication it fails writing on the log (/var/log/mail.err):
(Server 1 - sync "client" )| Error: sync: Disconnected from
2019 Nov 18
2
Doveadm replicator ssl issues
Hello, I have 2 Dovecot 2.3.8 servers running SSL with valid wildcard
certificates.
Email clients connect fine, https://www.immuniweb.com/ssl/ tests show
certificates are ok.
However I can't make replication work when I add ssl = yes.
Without ssl it works ok.
I added verbose_ssl in config and error log shows:
dovecot: doveadm(149.x.x.x): Error: SSL handshake failed: SSL_accept()
2017 Oct 13
2
Question regarding replication - duplicate emails
Dear Dovecot and community,
We run a small email service for our customers, based on two machines that are made ?redundant or clustered? by using the replication feature of Dovecot.
This works well, for most emails.
Sometimes the following happends:
Email to our support database arrives at the inbox.
Every period a cronjob looks into that mailbox and parses the information and makes a support
2018 Mar 03
1
Dovecot (doveadm, ssl, sync) - SSL error
Hello!
dsync SSL still doesn't work for replication, so I've disabled it and tried
to sync without.
But I have a problem with temp directory.
Is it possible to change path to temp folder?
I don't want to set permissions but change temporary folder for replication.
Thanks in advance.
dovecot: doveadm: Error: safe_mkstemp(/tmp/dovecot.doveadm.) failed:
Permission denied
2017 Jan 26
2
dsync dovecot / Failed connection refused
Your output looks like iptables -L -n. Can you add the -v option to
check if the rule did handle packages?
On 01/26/2017 05:39 PM, Thierry wrote:
> ACCEPT tcp -- anywhere anywhere tcp dpt:4711
2015 Feb 12
2
Dovecot dsync not replicating ".dovecot.sieve -> .sieve/managesieve.sieve" / setactive
Hello,
I've ran into problem with Dovecot and dsync replication. Everything
works perfectly, including replication of sieve scripts, except fact
that if user activates the 'managesieve' ruleset (I'm using currently
Roundcubemail) on "mail1" host, it wouldn't be activated on "mail2"
host, by creating symlink ".dovecot.sieve ->
2017 Oct 21
1
Question regarding replication - duplicate emails
Maybe you could not delete the message instantly, but keep track of last seen UID. UIDs increase monotonically, so you can rest assured that next arriving email has larger UID.
Then you can bulk delete mails that are older than one day.
Aki
> On October 20, 2017 at 8:01 PM Remko Lodder <remko at FreeBSD.org> wrote:
>
>
> Hi,
>
> Anyone has suggestions? The situation
2016 Nov 10
2
service doveadm : ssl problems
Hello,
I'm using dovecot 2.2.13 on Debian stable.
My users are authenticated through PAM, and stored in an LDAP backend
I'm trying to set-up replication with ssl, following (mainly) this : http://wiki2.dovecot.org/Replication
1) I only diverted from the instructed setup by not setting "doveadm_port = 12345", as it would give me errors of the like:
> Fatal:
2019 Mar 28
2
configuring Dovecot with wforced and auth_policy_server_url with https results in assertion failed
> On Mar 28, 2019, at 10:29 AM, Aki Tuomi via dovecot <dovecot at dovecot.org> wrote:
>
>> On 28 March 2019 16:08 Robert Kudyba via dovecot <dovecot at dovecot.org> wrote:
>>
>>
>> dovecot-2.3.3-1.fc29.x86_64
>>
>> Mar 28 10:04:47 auth: Panic: file http-client-request.c: line 283 (http_client_request_unref): assertion failed:
2020 Jun 13
2
Dovecot Replication Errors (only) when using tcps: as the mail_replica Protocol
Hi,
I've been seeing errors logged for some time with replication processes,
whereby replication sessions seem to be timing out periodically.
This is with dovecot version 2.3.10.1 (a3d0e1171) and both are Gentoo
x86_64.
After some investigation I've determined that these timeouts are only
ever occurring with tcps as the replication connection type. These
errors never occur if