Dovecot replication over TCP/SSL, certificate error

Jonas Plitt redflag237 at googlemail.com
Mon Jan 12 12:29:29 UTC 2015


Hi All,

I'm running TCP-based dsync replication on two dovecot nodes. Nowdays i
tried to enable SSL (TCPS).

I changed mail_replica prefix from tcp:* to tcps:* and added ssl=yes to the
inet_listener.
Then on running *doveadm sync* i'm getting the following message:
"
*doveadm(example at example.com <example at example.com>): Error: Couldn't
initialize SSL context: Can't load CA certs from directory /etc/ssl/certs:
error:02001024:system library:fopen:File name too longdoveadm: Error:
Failed to iterate through some users*"

this is my config (part):





*ssl_cert = </etc/ssl/certs/alpha-servers.pemssl_key =
</etc/ssl/private/alpha-servers.keyssl_ca =
</etc/ssl/certs/startcom-ca-bundle.pemssl_client_ca_dir =
/etc/ssl/certsssl_client_ca_file =
</etc/ssl/certs/startcom-ca.pemssl_protocols = !SSLv2 !SSLv3*

The file startcom-ba-bundle contains the complete chain. The file
startcom-ca contains only the ca certificate. Can anybody help, please?

-- 
with kind regards,
Jonas


More information about the dovecot mailing list