Displaying 20 results from an estimated 2000 matches similar to: "Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)"
2017 Mar 20
2
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
* Aki Tuomi <aki.tuomi at dovecot.fi>:
>
>
> On 20.03.2017 14:30, Ralf Hildebrandt wrote:
> > ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt
>
> Leave the < out. It is misleading, I know, but it does say file. =)
Makes no difference:
# doveconf |fgrep ssl_client_ca
ssl_client_ca_dir =
ssl_client_ca_file = /etc/ssl/certs/ca-certificates.crt
and with
2017 Mar 23
2
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
* Ralf Hildebrandt <r at sys4.de>:
> Mar 20 16:10:17 mproxy dovecot: master: Dovecot v2.2.devel (a39b5b2) starting up for imap
> Mar 20 16:10:26 mproxy dovecot: auth: Error: imapc(exchange-imap.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
> Mar 20 16:10:26 mproxy dovecot: auth: Error:
2017 Mar 20
2
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
* Aki Tuomi <aki.tuomi at dovecot.fi>:
> Could you send us the gdb bt full backtrace for the core file?
Currently I can't get it to create coredumps
doveconf -n:
# 2.2.devel (3f97702): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.devel (023f391)
# OS: Linux 4.4.0-65-generic x86_64 Ubuntu 16.04.2 LTS
auth_mechanisms = plain login
default_vsz_limit = 1 G
imapc_host =
2017 Mar 20
0
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
On 20.03.2017 16:40, Ralf Hildebrandt wrote:
> * Aki Tuomi <aki.tuomi at dovecot.fi>:
>>
>> On 20.03.2017 14:30, Ralf Hildebrandt wrote:
>>> ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt
>> Leave the < out. It is misleading, I know, but it does say file. =)
> Makes no difference:
>
> # doveconf |fgrep ssl_client_ca
>
2017 May 31
2
Bug with 2.2.29-1~auto+25 back to haunt me
After upgrading from 2.2.28-1~auto+45 to 2.2.29-1~auto+25 I'm gettings
this:
May 31 16:44:31 mproxy dovecot: auth: Fatal: passdb imap: Cannot verify certificate without ssl_ca_dir or ssl_ca_file setting
May 31 16:44:31 mproxy dovecot: master: Error: service(auth): command startup failed, throttling for 8 secs
May 31 16:44:31 mproxy dovecot: imap-login: Disconnected: Auth process broken
2017 Mar 23
0
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
On 23.03.2017 11:59, Ralf Hildebrandt wrote:
> * Ralf Hildebrandt <r at sys4.de>:
>
>> Mar 20 16:10:17 mproxy dovecot: master: Dovecot v2.2.devel (a39b5b2) starting up for imap
>> Mar 20 16:10:26 mproxy dovecot: auth: Error: imapc(exchange-imap.charite.de:993): Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_*
2017 Mar 20
0
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
* Ralf Hildebrandt <dovecot at dovecot.org>:
> * Aki Tuomi <aki.tuomi at dovecot.fi>:
>
> > Could you send us the gdb bt full backtrace for the core file?
>
> Currently I can't get it to create coredumps
Got a coredump and backtrace:
=============================
Mar 20 16:10:17 mproxy dovecot: master: Dovecot v2.2.devel (a39b5b2) starting up for imap
Mar 20
2017 Jun 02
2
Bug with 2.2.29-1~auto+25 back to haunt me
> On June 1, 2017 at 1:42 PM Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote:
>
>
> * Aki Tuomi <aki.tuomi at dovecot.fi>:
>
> > > > So I added
> > > > ssl_ca_file = /etc/ssl/certs/ca-certificates.crt
> > > >
> > > > But alas:
> > > > May 31 16:50:24 mproxy dovecot: config: Warning: Obsolete setting
2017 May 31
2
Bug with 2.2.29-1~auto+25 back to haunt me
> On May 31, 2017 at 6:10 PM Ralf Hildebrandt <Ralf.Hildebrandt at charite.de> wrote:
>
>
> * Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>:
>
> > So I added
> > ssl_ca_file = /etc/ssl/certs/ca-certificates.crt
> >
> > But alas:
> > May 31 16:50:24 mproxy dovecot: config: Warning: Obsolete setting in
2014 May 16
1
imapc Proxy to IMAPS Exchangeserver?
I'm trying to adapt http://wiki2.dovecot.org/HowTo/ImapcProxy
to our Exchange Server, which has LOGINDISABLED on Port 143, and I
offering LOGIN on Port 993.
How do I go about this?
Simply changing imapc_port to:
imapc_port = 993
doesnt work:
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS
2016 Apr 29
4
Recent update causes segfault in proxy mode
I'm using the auto builds (2:2.2.24-1~auto+3) for Ubuntu/Debian.
The recent upgrade to 2.2.24 cause the follwoing error to appear:
I can log in to a mailbox via dovecot
I can delete emails
Upon expunge, dovecot crashes:
Apr 29 11:05:30 mproxy dovecot: imap(hildeb): expunge: box=INBOX, uid=142514, msgid=, size=10086
Apr 29 11:05:30 mproxy dovecot: imap(hildeb): expunge: box=INBOX,
2016 Jul 11
4
2.3.0~alpha0-1~auto+197: Crash when openening a message via IMAP
>From the log:
Jul 11 13:12:42 mproxy dovecot: imap-login: Login: user=<hildeb>, method=PLAIN, rip=141.42.206.36, lip=141.42.206.11, mpid=27254, TLS, session=<TGwoO1o3id+NKs4k>
Jul 11 13:12:44 mproxy dovecot: imap(hildeb)<TGwoO1o3id+NKs4k>: Panic: file imap-client.c: line 854 (client_check_command_hangs): assertion failed: ((io_loop_find_fd_conditions(current_ioloop,
2016 Mar 30
2
crash after out of memory?
We're encountering a crash when proxying to an Exchange server:
Mar 30 10:40:47 mproxy dovecot: imap-login: Login: user=<xxxbxxx>, method=PLAIN, rip=10.39.76.71, lip=141.42.206.11, mpid=18556, TLS, session=<H98xGkAvfvMKJ0xH>
Mar 30 10:40:49 mproxy dovecot: imap(xxxbxxx): Fatal: block_alloc(134217728): Out of memory
Mar 30 10:40:49 mproxy dovecot: imap(xxxbxxx): Error: Raw
2017 Mar 20
0
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
* Ralf Hildebrandt <Ralf.Hildebrandt at charite.de>:
> Hi!
>
> I upgraded the 2.2 packages today (from 2:2.2.28-1~auto+5 to 2:2.2.28-1~auto+8) I now I'm getting an error:
I was able to determine the last working version: 2:2.2.28-1~auto+6
and the first "broken" version: 2:2.2.28-1~auto+7
--
Ralf Hildebrandt
Gesch?ftsbereich IT | Abteilung
2017 Mar 20
0
Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
On 20.03.2017 14:30, Ralf Hildebrandt wrote:
> ssl_client_ca_file = </etc/ssl/certs/ca-certificates.crt
Leave the < out. It is misleading, I know, but it does say file. =)
Aki
2014 Jun 16
1
SIGSEGV in 2.2.13 with IMAP Proxying to an Exchange Server
100% reproducible. User is using alpine to write an email.
Continue postponed composition (answering "No" won't erase it)?
y -> [>Empty folder! No messages really postponed!<]
Can't delete {mproxy.charite.de/ssl/novalidate-cert/user=theusername}postponed-msgs
Setup:
======
http://wiki2.dovecot.org/HowTo/ImapcProxy
coredump available for further inspection
Full
2017 Feb 03
4
Dovecot dsync 'ssl_client_ca'
Hi,
I have made change:
ssl_protocols = !SSLv2 !SSLv3
ssl = required
verbose_ssl = no
ssl_key = </etc/ssl/private/private.key
ssl_cert = </etc/ssl/certs/key.crt
ssl_client_ca_file = </etc/ssl/certs/GandiCA2.pem
# Create a listener for doveadm-server
service doveadm {
user = vmail
inet_listener {
port = 12345
ssl= yes
}
}
and doveadm_port = 12345 // mail_replica =
2017 Dec 14
0
Panic: file imap-client.c: line 1204 (client_handle_input): assertion failed: (o_stream_is_corked(client->output))
Running Dovecot from the daily builds: 2:2.3.0~alpha0-1~auto+1287 in
an proxy setup:
auth_mechanisms = plain login
default_vsz_limit = 1 G
imapc_host = <redacted>.charite.de
imapc_port = 993
imapc_ssl = imaps
imapc_ssl_verify = no
listen = *,::
mail_gid = imapproxy
mail_home = /home/imapproxy/%u
mail_location = imapc:~/imapc
mail_plugins = mail_log notify
mail_uid = imapproxy
passdb {
2017 Feb 06
2
Dovecot dsync 'ssl_client_ca'
Hi Aki,
I do not have any error message but (on both server):
doveadm replicator status '*'
doveadm(root): Fatal: net_connect_unix(/var/run/dovecot/replicator-doveadm) failed: Connection refused
Thx
Le vendredi 3 f?vrier 2017 ? 17:09:52, vous ?criviez :
> Please keep responses in list. rm -f
> /var/lib/dovecot/ssl-parameters.dat, i think it was in that dir.
> On
2017 Feb 03
3
Dovecot dsync 'ssl_client_ca'
Hello,
Still working with my dsync pb.
I have done a clone (vmware) of my email server.
Today I have two strictly identical emails servers (server1
(main) and server2 (bck) (except IP, hostname and mail_replica).
The ssl config on my both server:
ssl_protocols = !SSLv2 !SSLv3
ssl = required
verbose_ssl = no
ssl_key = </etc/ssl/private/private.key
ssl_cert =