[dovecot] Re: Trouble setting up dovecot
Timo Sirainen
tss at iki.fi
Mon Feb 24 02:45:54 EET 2003
On Mon, 2003-02-24 at 00:42, Tim Snider wrote:
> > You have to have it configured in /etc/pam.d/imap. For example:
> >
> > auth required pam_unix.so nullok
> > account required pam_unix.so
>
> Thanks this makes more sense than the options you provide in
> doc/auth.txt, so you may wish to change that.
I guess it would. The pwdfile was just an example I use elsewhere. It
doesn't come with PAM by default.
> It's hung up in SSL_CTX_use_PrivateKey() in ssl-proxy-openssl.c, which
> as you correctly surmised below, is due to a password protected key.
Well, have to fix this in some way. Hanging there isn't very nice way to
report errors.
> I've located and used mkcert.sh. As a note the only docs for
> doc/mkcert.sh are halfway through the NEWS file and rapidly receeding as
> you add new releases, (congrats on the fast progress by the way!),
> however you might consider adding a short note about it to the
> doc/auth.txt or doc/configuration.txt file for those new to dovecot.
I've added "quick setup" to beginning of it which says that.
> Correct! Doh! I have been able to use imaps, since I built a
> non-passworded private key. I was using passworded keys that I'd built
> for Apache, and would eventually like to have one set of keys that I can
> reference for each virtual domain. Were you planning on something like
> the Apache startssl option?
I guess that would be nice feature. I'll add in TODO.
> I can live with the constraint of one 'connection' key for now. Have you
> considered allowing each virtual domain to have it's own keys? Kind of
> difficult as the secure pipe to the server is already in place by the
> time the login name is seen... Kinda makes it tough for a true virtual
> presence without explicit assigned IP's. Hmmm, any plans for at least a
> different keys/identity per IP? If I understand the configuration file
> for now, it seems to be designed for one cert per machine.
.. and I thought I could keep the configuration file simple. Well, it
won't come before 1.0 anyway. You could always run multiple dovecots
with different config files.
More information about the dovecot
mailing list