On Mon, 2012-05-14 at 17:51 +0200, Christian Rößner wrote:
Unfortunately I already tested this (and also once again after your answer). Changed the setting, stopped dovecot and restarted it. After that doing doveadm quota get -A stalls.
What I do not understand is that I can not see any connection attempts to the LDAP servers. If it had problems with the certificates I would expect to see the connection and then a failure in the starttls process.
I also did chmod o+rx to the folder /etc/ssl/private and also to the private key. So I think it has nothing to do with the privileges of the certificates, does it?
I don't know how OpenLDAP works internally. Does it still log about ldap_start_tls_s() failing? Try if increasing OpenLDAP's logging in dovecot-ldap.conf.ext works:
# LDAP library debug level as specified by LDAP_DEBUG_* in ldap_log.h.
# -1 = everything. You may need to recompile OpenLDAP with debugging enabled
# to get enough output.
#debug_level = 0
Also make sure that the auth and auth-worker processes have the same permissions:
doveconf service/auth > a
doveconf service/auth-worker > b
diff -u a b