similar to: Share Website certificate with SSL/STL Dovecot IMAP and Postifix SMTP

Marco Marco writes writes: > I've bought a certificate from the authority for my website to use to > access in https mode. > > Is it possible to share the same pairs to authenticate the emails sent > by postfix and Dovecot in order to avoid that client as Hotmail.it or > Gmail intercept these as Spam? By "same pairs", I assume you mean key and certificate. Yes,

I have a remote server running centos 4.3 and a home desktop running suse 10.1. I have generated an SSL certificate on the server, copied it on the desktop and run on the desktop: >openssl x509 -in mynewcertCert.pem -fingerprint -subject -issuer -serial -hash -noout >c_rehash . getting this warning: > > Doing . > WARNING: mynewcertPrivateKey.pem does not contain a certificate or

Good time of the day! My English is not very good, excuse me if I said something wrong. I use dovecot-2.1.16 on Gentoo Linux amd64. I need to setup dovecot (imap and pop3) for SSL and non-SSL connection simultaneously. For SSL connections client must submit a valid SSL certificate. Now SSL part of dovecot.conf looks like this: ----------------- ssl = yes ssl_cert =

In reading through the mailing list, this question seems to have come up before, but never quite answered. I bought a certificate from Digital Signature Trust which is a well known certificate authority. The reason I bought my certificate, was so that email clients connecting to my imaps server wouldn't be bothered with warnings of unrecognized certificate authority as they would see with a

Hi all. Usually for in-house use and SSL I would just generate a self-signed certificate because most clients either ignore it or only ask the first time the account is configured. In terms of offering the service to our customers is there any value of getting someone like thawte or instantssl to sign a certificate for imaps/pop3s/smtp? Also, is there a configuration directive for dovecot

On 4/17/2018 3:56 AM, Marco Gaiarin via samba wrote: > Mandi! lingpanda101 via samba > In chel di` si favelave... > >>     When using a custom self-signed certificate, what is the appropriate >> value for 'tls verify peer ='? > ...AFAIk the same for every certificates; the CA's certificates have to > be in ''central store'', or have to be

Hi all, I am trying to setup puppet master and puppetdb on same node using puppetdb module. When I try to run puppet agent -t, I see following erorr notice: Unable to connect to puppetdb server (ip-10-172-161-25.us-west-1.compute.internal:8081): SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed notice: Failed to connect to puppetdb; sleeping 2

Hi All, I'm running TCP-based dsync replication on two dovecot nodes. Nowdays i tried to enable SSL (TCPS). I changed mail_replica prefix from tcp:* to tcps:* and added ssl=yes to the inet_listener. Then on running *doveadm sync* i'm getting the following message: " *doveadm(example at example.com <example at example.com>): Error: Couldn't initialize SSL context: Can't

In hopes that searching may turn up the solution for others: The reason client certificate validation was failing in Thunderbird when it had previously succeeded with other servers (both IMAP and SMTP) is precisely that: the client and profile where the same ones used to connect to the server who's hostname hadn't changed, and email addresses and usernames were the same, and Thunderbird

When I install an SSL certificate, I can't find a config option to set configure the Server Certificate Chain file... Is this not possible or can I do it another way? (When I connect, I am being told the Signature status is uncheckable...) Regards, BTJ -- ----------------------------------------------------------------------------------------------- Bj?rn T Johansen btj at havleik.no

Hello, I've a not really dovecot specific problem with my certificate. Since the OpenSSL documentation isn't what I expect to be at least good, I hope someone here can give me a hint how/where fo fix it; I've created a root-Certificate with almost untouched openssl.cnf and issued a server-certificate for dovecot. This cert and it's key I placed in somewhat like /var/dovecot.

Our DC has been using a Verisign certificate. Over the past year, we've been using a Digicert Wildcard Plus certificate for almost all of our machines, and I wanted to switched over our DC mailserver. I used the following command to generate the CSR and key: openssl req -new -newkey rsa:1024 -nodes -out star_bard_edu.csr -keyout star_bard_edu.key -subj "/C=US/ST=NY/L=ourtown/O=Bard

Dear All This is my continuation of postfix setup. Following link http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServerfor postfix setup. At one stage it says, Configuring The Server Setup SSL Certificate Now generate an SSL certificate for postfix and dovecot to have TLS support. Replace mail.example.com with your server hostname. > genkey --days 3650

Hi all, After client's certificate verifications discussion in the mailing-list, I have done some tests with nut trunk and - if my config is not too bad - I think ther is a bug with server certificate verification. With a clean trunk checkout, compile and installation; and with the following config : upsmon.conf: CERTPATH /usr/local/ups/etc/cert/ CERTVERIFY 1 FORCESSL 1 Upsd.conf: CERTFILE

Hi, I have a c4 server that I am trying to migrate an ssl site over to a new C5 machine with all of the updates. The certificate is an equifax cert and works as advertised on the C4 server. When I move it over to the C5 machine I get error in firefox that says error code -12227 which http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html says is an

Hello, I am going to build an email server on Centos for a small, private group of users and I just want to encrypt all communications between that server and the (remote) email clients of those users (or they browsers, when they use webmail). Client certificates are not necessary, at least now. I understand that to do that I need to create my own SSL CA, create with it a self signed certificate

Hi, Just a quicky, I can't see anything about how Dovecot handles certificate chains. 1, Does it handle them? 2, How, if if does? (Just got a cert from www.instantssl.com and I need there intermediate cert do validate it.., Works fine with Apache and Exim ) Cheers, Steve Gare - Xantara.Net -- 0845 123 5707

On macOS 10.15.5 and R-devel: > download.file("https://www.r-project.org", tempfile()) trying URL 'https://www.r-project.org' Error in download.file("https://www.r-project.org", tempfile()) : cannot open URL 'https://www.r-project.org' In addition: Warning message: In download.file("https://www.r-project.org", tempfile()) : URL

On Thu, 14 Mar 2019 09:51:14 -0400 Phil Turmel via dovecot <dovecot at dovecot.org> wrote: > On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: > > > Sorry I have to write this, but this is again pointing people in a fake > > security direction. > > You should be sorry, because you are wrong. > > > The only valid authority for a certificate

Hi, yesterday I upgraded Dovecot from 1.2 to 2.0.11. I'd seen that there was a config file converter to make the upgrade smooth so was expecting it to be pretty quick and easy. In the end I spent a long time trying to get it working as it just wouldn't listen on the ssl ports, imaps and pop3s. I am using per portocol SSL certificates, as I was in version 1.2. The part of my