On October 29, 2017 at 1:55 PM Reuben Farrelly <reuben-dovecot@reub.net> wrote:
Hi again,
Chasing down one last problem which seems to have been missed from my last email:
On 20/10/2017 9:22 PM, Stephan Bosch wrote:
Op 20-10-2017 om 4:23 schreef Reuben Farrelly:
On 18/10/2017 11:40 PM, Timo Sirainen wrote:
On 18 Oct 2017, at 6.34, Reuben Farrelly <reuben-dovecot@reub.net> wrote:
This problem below is still present in 2.3 -git, as of version 2.3.devel (6fc40674e)
Secondly, this ssl_dh messages is always printed from doveconf:
doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem doveconf: Warning: You can generate it with: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh -inform der > /etc/dovecot/dh.pem
Yet the file is there:
thunderstorm conf.d # ls -la /etc/dovecot/dh.pem -rw-r--r-- 1 root root 769 Oct 19 21:55 /etc/dovecot/dh.pem
And the config is there as well:
thunderstorm dovecot # doveconf -P | grep ssl_dh ssl_dh = </etc/dovecot/dh.pem doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem doveconf: Warning: You can generate it with: dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh -inform der > /etc/dovecot/dh.pem ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- thunderstorm dovecot #
It appears that this warning is being triggered by the presence of the ssl-parameters.dat file because when I remove it the warning goes away. Perhaps the warning could be made a bit more specific about this file being removed if it is not required because at the moment the warning message is not related to the trigger.
Thanks, Reuben
Thanks, Reuben
It is triggered when there is ssl-parameters.dat file *AND* there is no ssl_dh=< explicitly set in config file.
Aki