19 Feb 2018, 11:08 p.m.
I'm using SSL for dovecot, and dovecot kindly warned me on startup that I needed the ssl_dh parameter, which I specified:
# grep -P '^ssl_dh' /etc/dovecot/conf.d/10-ssl.conf
ssl_dh = </etc/dovecot/dh.pem
And I generated the file, as specified in the comment:
# openssl dhparam -out /etc/dovecot/dh.pem 4096
The file contains the appropriate headers:
# grep -P '^\-' /etc/dovecot/dh.pem
-----BEGIN DH PARAMETERS-----
-----END DH PARAMETERS-----
However, when I restart dovecot (systemctl restart dovecot) I get the following error:
lmtp(8221): Error: SSL context initialization failed, disabling SSL:
Couldn't parse DH parameters: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS
This message repeats 5 times (presumably for each dovecot service?).
In /var/log/dovecot/imap.log, I see the same error.
I even gave permission to the dh.pem file for the *vmail* user and group, but that didn't seem to change anything.
Any ideas?
Thanks.
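
An added example, not part of the original post: a shell check that reads the ssl_dh path from a Dovecot config file and confirms that the file it names has the PEM framing the "no start line: Expecting: DH PARAMETERS" error refers to. The function names ssl_dh_path and check_dh_pem are assumptions made for this example; it checks framing only and takes the config path as its argument.

```shell
#!/bin/sh
# Added example (not from the original post): verify that the file named by
# ssl_dh is framed as a "DH PARAMETERS" PEM block, which is what OpenSSL's
# PEM reader looks for before it reports "no start line".

# Print the path from the first uncommented line of the form
#   ssl_dh = </path/to/file
ssl_dh_path() {
    sed -n 's/^[[:space:]]*ssl_dh[[:space:]]*=[[:space:]]*<[[:space:]]*//p' "$1" | head -n 1
}

# Return 0 if the file holds exactly one BEGIN/END DH PARAMETERS pair with
# data between the markers; otherwise print the reason to stderr and return 1.
check_dh_pem() {
    f=$1
    [ -r "$f" ] || { echo "unreadable: $f" >&2; return 1; }
    [ -s "$f" ] || { echo "empty: $f" >&2; return 1; }

    # The markers must start at column 0. A byte-order mark or any other
    # bytes in front of the dashes means the line is not a start line.
    begin=$(grep -c '^-----BEGIN DH PARAMETERS-----[[:space:]]*$' "$f" || true)
    end=$(grep -c '^-----END DH PARAMETERS-----[[:space:]]*$' "$f" || true)
    if [ "$begin" -ne 1 ] || [ "$end" -ne 1 ]; then
        echo "expected one BEGIN/END pair, found $begin/$end: $f" >&2
        return 1
    fi

    # Count non-blank lines between the two markers.
    body=$(awk '/^-----BEGIN DH PARAMETERS-----/ {inside=1; next}
                /^-----END DH PARAMETERS-----/   {inside=0}
                inside && NF {n++}
                END {print n+0}' "$f")
    [ "$body" -gt 0 ] || { echo "no data between markers: $f" >&2; return 1; }
    return 0
}

# When given a config file, check the DH file that config points at,
# e.g.: sh check_dh.sh /etc/dovecot/conf.d/10-ssl.conf
if [ "$#" -ge 1 ]; then
    check_dh_pem "$(ssl_dh_path "$1")" && echo "PEM framing looks correct"
fi
```

A file that passes this framing check can then be parsed in full with `openssl dhparam -in FILE -check -noout`.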