Dovecot dsync 'ssl_client_ca'

Thierry lenaigst at maelenn.org
Fri Feb 3 11:48:21 UTC 2017 

Bonjour Mike,

I  have made the change from 'ssl_ca =' tp 'ssl_client_ca_file =' but 
now I do have:

Error: sync: Couldn't initialize SSL context: Can't load CA certs from directory : error:02001024:system library:fopen:File name too long

thx



Le vendredi 3 février 2017 à 11:34:43, vous écriviez :

> Hello,


> On 02/03/2017 08:51 AM, Thierry wrote:
>> Hello,
>>
>> Still working with my dsync pb.
>> I have done a clone (vmware) of my email server.
>> Today   I   have   two  strictly  identical  emails  servers (server1
>> (main) and server2 (bck) (except IP, hostname and  mail_replica).
>>
>> The ssl config on my both server:
>>
>> ssl_protocols = !SSLv2 !SSLv3
>> ssl = required
>> verbose_ssl = no
>> ssl_key = </etc/ssl/private/private.key
>> ssl_cert = </etc/ssl/certs/key.crt
>> ssl_ca = </etc/ssl/certs/GandiStandardSSLCA2.pem

> I think it should be ssl_client_ca_file = 
> </etc/ssl/certs/GandiStandardSSLCA2.pem for you.


>>
>> This  config  is  working   for  my   email  client  and my email web
>> interface ...
>>
>> Are they on the right order ?
>>
>> mail_replica = tcps:server1 at domain.ltd and tcps:server2 at domain.ltd
>>
>> There is trafic on my iptables rules on my both  servers:
>>
>> 60  3600 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4711
>>
>>
>>
>> My  error message from server1 (main server):
>>
>> Feb 03 08:38:08 doveadm(user1 at domain.ltd): Error: sync: Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
>> Feb 03 08:42:35 doveadm(user2 at domain.ltd): Error: sync: Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
>> Feb 03 08:42:35 doveadm(user3 at domain.ltd): Error: sync: Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
>> Feb 03 08:42:35 doveadm(user4 at domain.ltd): Error: sync: Couldn't initialize SSL context: Can't verify remote server certs without trusted CAs (ssl_client_ca_* settings)
>>
>> No logs from server2
>>
>> Any ideas ?
>>
>> Thx for your support
>>
>>



-- 
Cordialement,
 Thierry                            e-mail : lenaigst at maelenn.org

More information about the dovecot mailing list