similar to: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)

* Aki Tuomi <aki.tuomi at dovecot.fi>: > > > On 20.03.2017 14:30, Ralf Hildebrandt wrote: > > ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt > > Leave the < out. It is misleading, I know, but it does say file. =) Makes no difference: # doveconf |fgrep ssl_client_ca ssl_client_ca_dir = ssl_client_ca_file = /etc/ssl/certs/ca-certificates.crt and with

* Ralf Hildebrandt <r at sys4.de>: > Mar 20 16:10:17 mproxy dovecot: master: Dovecot v2.2.devel (a39b5b2) starting up for imap > Mar 20 16:10:26 mproxy dovecot: auth: Error: imapc(exchange-imap.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings) > Mar 20 16:10:26 mproxy dovecot: auth: Error:

* Aki Tuomi <aki.tuomi at dovecot.fi>: > Could you send us the gdb bt full backtrace for the core file? Currently I can't get it to create coredumps doveconf -n: # 2.2.devel (3f97702): /etc/dovecot/dovecot.conf # Pigeonhole version 0.4.devel (023f391) # OS: Linux 4.4.0-65-generic x86_64 Ubuntu 16.04.2 LTS auth_mechanisms = plain login default_vsz_limit = 1 G imapc_host =

On 20.03.2017 16:40, Ralf Hildebrandt wrote: > * Aki Tuomi <aki.tuomi at dovecot.fi>: >> >> On 20.03.2017 14:30, Ralf Hildebrandt wrote: >>> ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt >> Leave the < out. It is misleading, I know, but it does say file. =) > Makes no difference: > > # doveconf |fgrep ssl_client_ca >

After upgrading from 2.2.28-1~auto+45 to 2.2.29-1~auto+25 I'm gettings this: May 31 16:44:31 mproxy dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting May 31 16:44:31 mproxy dovecot: master: Error: service(auth): command startup failed, throttling for 8 secs May 31 16:44:31 mproxy dovecot: imap-login: Disconnected: Auth process broken

On 23.03.2017 11:59, Ralf Hildebrandt wrote: > * Ralf Hildebrandt <r at sys4.de>: > >> Mar 20 16:10:17 mproxy dovecot: master: Dovecot v2.2.devel (a39b5b2) starting up for imap >> Mar 20 16:10:26 mproxy dovecot: auth: Error: imapc(exchange-imap.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_*

* Ralf Hildebrandt <dovecot at dovecot.org>: > * Aki Tuomi <aki.tuomi at dovecot.fi>: > > > Could you send us the gdb bt full backtrace for the core file? > > Currently I can't get it to create coredumps Got a coredump and backtrace: ============================= Mar 20 16:10:17 mproxy dovecot: master: Dovecot v2.2.devel (a39b5b2) starting up for imap Mar 20

> On June 1, 2017 at 1:42 PM Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote: > > > * Aki Tuomi <aki.tuomi at dovecot.fi>: > > > > > So I added > > > > ssl_ca_file = /etc/ssl/certs/ca-certificates.crt > > > > > > > > But alas: > > > > May 31 16:50:24 mproxy dovecot: config: Warning: Obsolete setting

> On May 31, 2017 at 6:10 PM Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote: > > > * Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>: > > > So I added > > ssl_ca_file = /etc/ssl/certs/ca-certificates.crt > > > > But alas: > > May 31 16:50:24 mproxy dovecot: config: Warning: Obsolete setting in

I'm trying to adapt http://wiki2.dovecot.org/HowTo/ImapcProxy to our Exchange Server, which has LOGINDISABLED on Port 143, and I offering LOGIN on Port 993. How do I go about this? Simply changing imapc_port to: imapc_port = 993 doesnt work: Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS

I'm using the auto builds (2:2.2.24-1~auto+3) for Ubuntu/Debian. The recent upgrade to 2.2.24 cause the follwoing error to appear: I can log in to a mailbox via dovecot I can delete emails Upon expunge, dovecot crashes: Apr 29 11:05:30 mproxy dovecot: imap(hildeb): expunge: box=INBOX, uid=142514, msgid=, size=10086 Apr 29 11:05:30 mproxy dovecot: imap(hildeb): expunge: box=INBOX,

>From the log: Jul 11 13:12:42 mproxy dovecot: imap-login: Login: user=<hildeb>, method=PLAIN, rip=141.42.206.36, lip=141.42.206.11, mpid=27254, TLS, session=<TGwoO1o3id+NKs4k> Jul 11 13:12:44 mproxy dovecot: imap(hildeb)<TGwoO1o3id+NKs4k>: Panic: file imap-client.c: line 854 (client_check_command_hangs): assertion failed: ((io_loop_find_fd_conditions(current_ioloop,

We're encountering a crash when proxying to an Exchange server: Mar 30 10:40:47 mproxy dovecot: imap-login: Login: user=<xxxbxxx>, method=PLAIN, rip=10.39.76.71, lip=141.42.206.11, mpid=18556, TLS, session=<H98xGkAvfvMKJ0xH> Mar 30 10:40:49 mproxy dovecot: imap(xxxbxxx): Fatal: block_alloc(134217728): Out of memory Mar 30 10:40:49 mproxy dovecot: imap(xxxbxxx): Error: Raw

* Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>: > Hi! > > I upgraded the 2.2 packages today (from 2:2.2.28-1~auto+5 to 2:2.2.28-1~auto+8) I now I'm getting an error: I was able to determine the last working version: 2:2.2.28-1~auto+6 and the first "broken" version: 2:2.2.28-1~auto+7 -- Ralf Hildebrandt Gesch?ftsbereich IT | Abteilung

On 20.03.2017 14:30, Ralf Hildebrandt wrote: > ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt Leave the < out. It is misleading, I know, but it does say file. =) Aki

100% reproducible. User is using alpine to write an email. Continue postponed composition (answering "No" won't erase it)? y -> [>Empty folder! No messages really postponed!<] Can't delete {mproxy.charite.de/ssl/novalidate-cert/user=theusername}postponed-msgs Setup: ====== http://wiki2.dovecot.org/HowTo/ImapcProxy coredump available for further inspection Full

Hi, I have made change: ssl_protocols = !SSLv2 !SSLv3 ssl = required verbose_ssl = no ssl_key = </etc/ssl/private/private.key ssl_cert = </etc/ssl/certs/key.crt ssl_client_ca_file = </etc/ssl/certs/GandiCA2.pem # Create a listener for doveadm-server service doveadm { user = vmail inet_listener { port = 12345 ssl= yes } } and doveadm_port = 12345 // mail_replica =

Running Dovecot from the daily builds: 2:2.3.0~alpha0-1~auto+1287 in an proxy setup: auth_mechanisms = plain login default_vsz_limit = 1 G imapc_host = <redacted>.charite.de imapc_port = 993 imapc_ssl = imaps imapc_ssl_verify = no listen = *,:: mail_gid = imapproxy mail_home = /home/imapproxy/%u mail_location = imapc:~/imapc mail_plugins = mail_log notify mail_uid = imapproxy passdb {

Hi Aki, I do not have any error message but (on both server): doveadm replicator status '*' doveadm(root): Fatal: net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: Connection refused Thx Le vendredi 3 f?vrier 2017 ? 17:09:52, vous ?criviez : > Please keep responses in list. rm -f > /var/lib/dovecot/ssl-parameters.dat, i think it was in that dir. > On

Hello, Still working with my dsync pb. I have done a clone (vmware) of my email server. Today I have two strictly identical emails servers (server1 (main) and server2 (bck) (except IP, hostname and mail_replica). The ssl config on my both server: ssl_protocols = !SSLv2 !SSLv3 ssl = required verbose_ssl = no ssl_key = </etc/ssl/private/private.key ssl_cert =