Tim, Daniel, Aki, all. Problem solved. Well, sort of:
It is AppArmor.
I disabled AppArmor based on another sufferer's experience, and I quote:
I have made some progress on solving this and tracked down the problem to apparmor which is some sort of application based security system.
(How I wish Linux followed KISS principals, this appears to be yet another security layer on top of the chmod/chown layer, and not an intuitive/obvious thing either...)
There is nothing wrong with dovecot 3.2.1, there is nothing wrong with my "configuration", I am not being rude, but AppArmor got hosed by the OS upgrade.
Tomorrow is another day, I'll fight the AppArmor alligator then. In the meantime, on to that G&T! Woohoo! :-)
Thanks again to all.
Kind regards, Andy
On Sun, 2018-12-16 at 18:41 +0000, Tim Dickson wrote:
permissions should be 644 or 444 owned by root.
if the permissions are too open, ssl/dovecot will refuse to load
them.
you may even see a message about it if you have verbose messages/
check your sys logs.
I had this problem once with certs that checked out fine, correct
< in dovcot config but didn't load.
chmod 644 /etc/ssl/certs/dovecot.cert /etc/ssl/private/dovecot.key
fixed the problem
regards, Tim
On 16/12/2018 14:33, C. Andrews Lavarre
wrote:
For what it's worth, this gives the server an A:
So there is no problem with the certificates and key...
Thanks again.
On Sun, 2018-12-16 at 09:19 -0500, C. Andrews Lavarre wrote:
So it's something else.