Hello Richard,
Maybe the included .pem files are bad (expire, pointing to wrong server name or whatnot)
I'd generate new .pem files.
dovecot documentation points to mkcert.sh script. With this script you can generate your own certificate, after filling in the OpenSSL config file used by mkcert.sh.
On my system, the script is located at /usr/libexec/dovecot/mkcert.sh
and the configuration file is at: /etc/pki/dovecot/dovecot-openssl.cnf
With the key and certificate generated this script, dovecot is happy to work with ssl (imaps i my case)
Hope this helps,
Josep
On Thursday 24 September 2009 11:39:59 am Richard Hobbs wrote:
Hello,
Thanks again for your response...
However, upon closer inspection, it seems that both "/etc/ssl/certs/dovecot.pem" and "/etc/ssl/private/dovecot.pem" already exist!
I'm running Debian Lenny 5.0 btw - does anyone know if these keys were simply part of the dovecot package, or whether they have been generated during the installation process and are therefore unique?
If they are unique, then I don't need to generate my own, perhaps?
Thanks again, Richard.
Christian Schmidt wrote:
Hello Richard,
Richard Hobbs, 10.09.2009 (d.m.y):
Thanks for the advice - how do i generate ssl cert files and ssl key files?
Just use OpenSSL. There's a short description of what to do on http://www.apache-ssl.org - or in any other OpenSSL Howto...
Gruss/Regards, Christian Schmidt
-- Josep L. Guallar-Esteve - IT Department
This transmission is intended for the use of the entity or individual to which or whom it is addressed. The transmission or any documents accompanying the transmission may contain confidential information. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or action taken in reliance on the contents of the transmission or the documents is strictly prohibited. If you have received this confidential transmission in error, please destroy it and any accompanying documents and notify the sender immediately. Thank you.