Hello,
on a farm of multiple identical dovecot servers I start seeing this error on usual POP3S access on one of many servers:
pop3-login: Error: Failed to initialize SSL server context: Can't load SSL certificate (ssl_cert setting): The certificate is empty:
I'm running 2.3.14 compiled against openssl-1.1.1k on Debian Buster Looks like it's this code: https://github.com/dovecot/core/blob/a5209c83c3a82386c94d466eec5fea394973e88... called from here: https://github.com/dovecot/core/blob/a5209c83c3a82386c94d466eec5fea394973e88...
To me it /looks/ like a resource problem. The farm handle a million pop3 sessions per hour while only 50k (5%) are using TLS. The farm is up and running since ~2 weeks. When started, the automatic deployment *did* check that pop3s was working well. Also today on all farmservers the certificate file is valid, contain expected content.
the server is currently offline but not restarted to allow further investigation.
the setup is quite normal
just checked over all Farmservers: the output is identical.
- doveconf | grep ssl | sha256sum
- sha256sum $( doveconf | grep 'ssl_cert = <' | awk -F\< '{ print $2 }' )
Any idea is appreciated ...
Andreas