fts_solr and connection via https://
Jan Vonde
mail at jan-von.de
Sun Jan 22 09:01:59 UTC 2017
Hi,
I am trying to get fts_solr working and my index server is available via
HTTPS only. Dovecot is running on a Debian Jessie system and the Solr
server has a letsencrypt certificate.
My dovecot version is:
2.2.devel (a9ed8ae)
The current setup is:
10-mail.conf:
mail_plugins = fts fts_solr
90-fts.conf:
plugin {
fts = solr
fts_autoindex = yes
fts_solr = url=https://foo.example.com/solr/dovecot/
}
When I try to index the mailboxes I am getting error messages like this:
doveadm(user at host): Error: fts_solr: Lookup failed: 9002 Couldn't
initialize SSL context: Can't verify remote server certs without trusted
CAs (ssl_client_ca_* settings)
doveadm(user at host): Error: Mailbox INBOX: Status lookup failed:
Internal error occurred. Refer to server log for more information.
[2017-01-22 09:52:38]
Segmentation fault
Contacting the index server via curl on the command line on the same
host works, it returns HTTP 200:
user at host ~ $ curl -s -o /dev/null -w "%{http_code}"
https://foo.example.com/solr/
200
user at host ~ $
Currently I have the following ssl related settings:
user at host ~ $ doveconf -n -P | grep -i ssl
ssl_cert = </etc/ssl/certs/mail.example.org.crt
ssl_cipher_list =
ALL:!LOW:!SSLv2:ALL:!aNULL:!ADH:!eNULL:!EXP:RC4+RSA:+HIGH:+MEDIUM
ssl_key = </etc/ssl/private/mail.example.org.key
ssl_protocols = !SSLv2 !SSLv3
I tried adding the following settings but that didn't help:
ssl_ca = < /etc/ssl/certs/ca-certificates.crt
ssl_client_ca_dir = /etc/ssl/certs
Can you give me a hint how I can get the ssl certificate accepted?
Thanks in advance and have a nice day,
Jan :-)
More information about the dovecot
mailing list