Hi Aki,
On 30/10/2017 12:43 AM, Aki Tuomi wrote:
On October 29, 2017 at 1:55 PM Reuben Farrelly reuben-dovecot@reub.net wrote:
Hi again,
Chasing down one last problem which seems to have been missed from my last email:
On 20/10/2017 9:22 PM, Stephan Bosch wrote:
Op 20-10-2017 om 4:23 schreef Reuben Farrelly:
On 18/10/2017 11:40 PM, Timo Sirainen wrote:
On 18 Oct 2017, at 6.34, Reuben Farrelly reuben-dovecot@reub.net wrote:
This problem below is still present in 2.3 -git, as of version 2.3.devel (6fc40674e)
Secondly, this ssl_dh messages is always printed from doveconf:
doveconf: Warning: please set ssl_dh= /etc/dovecot/dh.pem
Yet the file is there:
thunderstorm conf.d # ls -la /etc/dovecot/dh.pem -rw-r--r-- 1 root root 769 Oct 19 21:55 /etc/dovecot/dh.pem
And the config is there as well:
thunderstorm dovecot # doveconf -P | grep ssl_dh ssl_dh = /etc/dovecot/dh.pem ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- ssl_dh = -----BEGIN DH PARAMETERS----- thunderstorm dovecot #
It appears that this warning is being triggered by the presence of the ssl-parameters.dat file because when I remove it the warning goes away. Perhaps the warning could be made a bit more specific about this file being removed if it is not required because at the moment the warning message is not related to the trigger.
Thanks, Reuben Thanks, Reuben It is triggered when there is ssl-parameters.dat file *AND* there is no ssl_dh=< explicitly set in config file.
Aki
I have this already in my 10-ssl.conf file:
lightning dovecot # /etc/init.d/dovecot reload doveconf: Warning: please set ssl_dh= /etc/dovecot/dh.pem * Reloading dovecot configs and restarting auth/login processes ... [ ok ] lightning dovecot #
However:
lightning dovecot # grep ssl_dh conf.d/10-ssl.conf # gives on startup when ssl_dh is unset. ssl_dh=
and the file is there:
lightning dovecot # ls -la /etc/dovecot/dh.pem -rw-r--r-- 1 root root 769 Oct 19 19:06 /etc/dovecot/dh.pem lightning dovecot #
So it is actually configured and yet the warning still is present.
Reuben