hey, check your dovecot.conf :
"ssl_key_file = /etc/ssl/mail/mail.key"
is that a pipe, a vertical sign after "mail.key" ?
Thanks for your reply. What do you mean by "pipe"
See, I can even connect via the console from the outside:
|Notebook [~]$ openssl s_client -CApath ~/.cert/XYZ.com/ -connect XYZ.com:993 CONNECTED(00000003) depth=0 /C=DE/ST=BW/L=City/O=HomeServer GmbH/OU=WebHosting/CN=XYZ.com/emailAddress=admin@XYZ.com verify error:num=18:self signed certificate verify return:1 depth=0 /C=DE/ST=BW/L=City/O=HomeServer GmbH/OU=WebHosting/CN=XYZ.com/emailAddress=admin@XYZ.com verify return:1
Certificate chain 0 s:/C=DE/ST=BW/L=City/O=HomeServer GmbH/OU=WebHosting/CN=XYZ.com/emailAddress=admin@XYZ.com i:/C=DE/ST=BW/L=City/O=HomeServer GmbH/OU=WebHosting/CN=XYZ.com/emailAddress=admin@XYZ.com
Server certificate -----BEGIN CERTIFICATE----- MIIC6TCCAlKgAwIBAgIJAN4Jfaj9QgEhMA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD VQQGEwJERTEbMBkGA1UECBMSQmFkZW4tV3VlcnR0ZW1iZXJnMREwDwYDVQQHEwhO ZXVicm9ubjEWMBQGA1UEChMNTmV0T2NlYW4gR21iSDETMBEGA1UECxMKV2ViSG9z dGluZzEYMBYGA1UEAxMPc2VydmVyLm5ldG9jZWFuMSQwIgYJKoZIhvcNAQkBFhVh ZG1pbkBzZXJ2ZXIubmV0b2NlYW4wHhcNMTAwNzExMTgwMzQ4WhcNMzAwNzA2MTgw MzQ4WjCBqjELMAkGA1UEBhMCREUxGzAZBgNVBAgTEkJhZGVuLVd1ZXJ0dGVtYmVy ZzERMA8GA1UEBxMITmV1YnJvbm4xFjAUBgNVBAoTDU5ldE9jZWFuIEdtYkgxEzAR BgNVBAsTCldlYkhvc3RpbmcxGDAWBgNVBAMTD3NlcnZlci5uZXRvY2VhbjEkMCIG CSqGSIb3DQEJARYVYWRtaW5Ac2VydmVyLm5ldG9jZWFuMIGfMA0GCSqGSIb3DQEB AQUAA4GNADCBiQKBgQDFiBWAJ893Ocm4dooDHHkNRZcvC4N5qjfx1wywoS2DlnV4 GwBQPYcyewx5ptcjqq863r3rvHhbNeJbcnh8jNATTxto8r2NkadwccXw4LtqpfAS A2dhuYt8zKhiI2tlfZNCzSzDmqid4NuxKiNQGNB6OU6/x2vp0ZFTwstIr7TMAwID AQABoxUwEzARBglghkgBhvhCAQEEBAMCBkAwDQYJKoZIhvcNAQEFBQADgYEAtlPa GQ4Weyi9vlIDLL4PgGsNk4sR4Ca2gbYLTd5HaSkww+BKIfz1OkFEmsNozNSo19PJ WaOp7exCN23j5Z/+qfZSGgUAelJHxRJ0Mc8YmtTuLKaNHxWYBJit3T3n1lbuFENe vdh8oCo6GKjjm7RkbkEvTvdzrOdztXZt3Ij4gLE= -----END CERTIFICATE----- subject=/C=DE/ST=BW/L=City/O=HomeServer GmbH/OU=WebHosting/CN=XYZ.com/emailAddress=admin@XYZ.com issuer=/C=DE/ST=BW/L=City/O=HomeServer GmbH/OU=WebHosting/CN=XYZ.com/emailAddress=admin@XYZ.com
No client certificate CA names sent
SSL handshake has read 1313 bytes and written 325 bytes
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA Server public key is 1024 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : DHE-RSA-AES256-SHA Session-ID: 54DC3526DB721308D460CBAF21D562958D34ED146332F0B4ACBE9E1311633ED1 Session-ID-ctx: Master-Key: 1BCB1FA49855FC38ACB52C2CD8D54594C006116220D66FA0E74F68663AFE3FC09086B9 BFB1FE0E515681A2E0DC7C1AFC Key-Arg : None Start Time: 1278952607 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) --- * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN- REFERRALS ID ENABLE AUTH=CRAM-MD5] NetOcean MailSystem ^C Notebook [~]$|
Am 12.07.10 19:11, schrieb Daniel Petre:
dude, whats the pipe at the end of the mail.key location?
It's always the same when it fails ...
And this is how my dovecot.conf looks like:
[...]
|## ## SSL settings ## ssl = yes ssl_cert_file = /etc/ssl/mail/mail.cert ssl_key_file = /etc/ssl/mail/mail.key|
[...]
Thank you