Displaying 14 results from an estimated 14 matches similar to: "BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ...""
2020 Oct 01
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
Hi,
In my Centos-8 server, it was not necessary using "Options =
ServerPreference" parameter.
My openssl.conf look like that :
openssl_conf = default_modules
[ default_modules ]
ssl_conf = ssl_module
[ ssl_module ]
system_default = crypto_policy
[ crypto_policy ]
*.include /etc/crypto-policies/back-ends/opensslcnf.config*
And /etc/crypto-policies/back-ends/opensslcnf.config :
2020 Aug 25
2
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
I've
dovecot --version
2.3.10.1 (a3d0e1171)
openssl version
OpenSSL 1.1.1g FIPS 21 Apr 2020
, atm on Fedora32.
I configure
/etc/pki/tls/openssl.cnf
to set preferences for apps' usage, e.g. Postfix etc; Typically, here
cat /etc/pki/tls/openssl.cnf
openssl_conf = default_conf
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
2020 Sep 23
2
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
> On 22/09/2020 21:00 PGNet Dev <pgnet.dev at gmail.com> wrote:
>
>
> On 9/22/20 10:51 AM, Aki Tuomi wrote:
> >>>
> >
> > Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue.
>
> I've NO issue with that config/setting with any _other_ app -- whether in general
2020 Sep 22
3
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
> On 22/09/2020 20:05 PGNet Dev <pgnet.dev at gmail.com> wrote:
>
>
> bump
>
> On 8/24/20 5:17 PM, PGNet Dev wrote:
> > I've
> >
> > dovecot --version
> > 2.3.10.1 (a3d0e1171)
> > openssl version
> > OpenSSL 1.1.1g FIPS 21 Apr 2020
> >
> > , atm on Fedora32.
> >
> > I configure
> >
>
2020 Oct 01
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
On 10/1/20 8:52 AM, JEAN-PAUL CHAPALAIN wrote:
> In my Centos-8 server, it was not necessary using? "Options = ServerPreference" parameter.
sry, then i'm unclear re: the point you're trying to make.
this issue is ONLY about the problem re: THAT parameter's use, not re: general SSL error messages/causes.
2019 Oct 17
2
DSA key not accepted on CentOS even after enabling
Hello,
I have some users that connect to a server with their DSA key that is of
type ssh-dss.
I'm migrating (installing as new) the server where they connect to CentOS 8
+ updates.
I was not able to connect with the keys to this new server even after
having added, as found in several internet pages, this directive at the end
of /etc/ssh/sshd_config of the CentOS 8 server:
# Accept also DSA
2020 Sep 22
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
bump
On 8/24/20 5:17 PM, PGNet Dev wrote:
> I've
>
> dovecot --version
> 2.3.10.1 (a3d0e1171)
> openssl version
> OpenSSL 1.1.1g FIPS 21 Apr 2020
>
> , atm on Fedora32.
>
> I configure
>
> /etc/pki/tls/openssl.cnf
>
> to set preferences for apps' usage, e.g. Postfix etc; Typically, here
>
> cat /etc/pki/tls/openssl.cnf
>
2020 Sep 22
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
On 9/22/20 10:51 AM, Aki Tuomi wrote:
>>>
>
> Well, dovecot does not actually do any parsing for system-wide openssl.cnf. This sounds more like OpenSSL issue than dovecot issue.
I've NO issue with that config/setting with any _other_ app -- whether in general openssl-lib-linked usage, or specifically for a mail submitter (e.g., postfix). The ServerPreference setting is
2020 Sep 23
0
BUG: _presence_ of valid openssl.cnf Option = 'ServerPreference' causes Dovecot submission relay FAIL: "failed: Failed to initialize SSL: ..."
On 9/23/20 2:14 AM, Aki Tuomi wrote:
> I tried to reproduce this with the config you provided. I made sure openssl uses the configuration, but alas, it works just fine for me.
ugh.
well, good to know.
with my my full-blown configs, it's definitely reproducible here.
I'll see if I can reduce this to a simple demonstrator ...
2020 Mar 18
0
crypto-policies / per connection based config
EL8 workstation: crypto-policies is set to DEFAULT.
I need to establish a VPN connection via NetworkManager (Gnome UI) that
uses a legacy protocol. Downgrading the policies globally in
/etc/crypto-policies/back-ends (I do it just for one backend) helps
to establish the connection. To protect this workstation I want
to have this config just for this connection (its openssl based that
needs
2019 Oct 17
0
DSA key not accepted on CentOS even after enabling
PubkeyAcceptedKeyTypes=+ssh-dss
You also need that ^^ in their client if they are running on el8 machine
as well .. i needed to put it in my ~/.ssh/config when connecting FROM
an el8 machine to somewhere else.
On 10/17/19 9:27 AM, Gianluca Cecchi wrote:
> Hello,
> I have some users that connect to a server with their DSA key that is of
> type ssh-dss.
> I'm migrating (installing
2012 Jun 29
0
[LLVMdev] Another LLVM JIT extension to Python
On 06/29/2012 01:06 AM, Siu Kwan Lam wrote:
> Dear LLVM,
>
> I am a young developer who have just uploaded my first opensource
> project based on LLVM. I would like to know what professionals think of
> my project.
>
> I have started a JIT extension to Python called Pymothoa (
> http://code.google.com/p/pymothoa/). Unlike other similar projects, I
> did not modify the
2012 Jun 28
3
[LLVMdev] Another LLVM JIT extension to Python
Dear LLVM,
I am a young developer who have just uploaded my first opensource
project based on LLVM. I would like to know what professionals think of
my project.
I have started a JIT extension to Python called Pymothoa (
http://code.google.com/p/pymothoa/). Unlike other similar projects, I
did not modify the interpreter. Pymothoa uses Python decorators to mark
function for JIT compiling. It
2012 Jun 29
1
[LLVMdev] Another LLVM JIT extension to Python
On 06/29/2012 02:47 AM, Tobias Grosser wrote:
> On 06/29/2012 01:06 AM, Siu Kwan Lam wrote:
>> Dear LLVM,
>>
>> I am a young developer who have just uploaded my first opensource
>> project based on LLVM. I would like to know what professionals think of
>> my project.
>>
>> I have started a JIT extension to Python called Pymothoa (
>>