Intentionally use weak server key
Stavros Tsolakos
stsolakos at gmail.com
Thu Dec 20 12:50:22 EET 2018
On 20/12/2018 12:37, Marc Roos wrote:
>
> You have to create your own ca, and then create the certificate. I doubt
> if you will be able to find companies like DigiCert or Comodo to do
> this.
>
> If you want, I can try sign it with our own 'internal' CA. The only
> thing you have to do is of course adding our CA to your ca bundle but
> that is very easy in CentOS7
>
Thank you, Marc.
We created our own CA and certificates just fine. The problem is that
SSL does not seem to like them giving the error I mentioned in the
previous message:
dovecot: imap-login: Error: SSL: Stacked error: error:04075070:rsa
routines:RSA_sign:digest too big for rsa key
What would an SSL+Dovecot expert do if this error was encountered? A
1024 bit key works just fine but we have to stick to 256.
More information about the dovecot
mailing list