lmtp: Couldn't parse DH parameters
I'm using SSL for dovecot, and dovecot kindly warned me on startup that I needed the ssl_dh parameter, which I specified:
# grep -P '^ssl_dh' /etc/dovecot/conf.d/10-ssl.conf
ssl_dh = </etc/dovecot/dh.pem
And I generated the file, as specified in the comment:
# openssl dhparam -out /etc/dovecot/dh.pem 4096
The file contains the appropriate headers:
# grep -P '^\-' /etc/dovecot/dh.pem
-----BEGIN DH PARAMETERS-----
-----END DH PARAMETERS-----
However, when I restart dovecot (systemctl restart dovecot
) I get the
following error:
lmtp(8221): Error: SSL context initialization failed, disabling SSL:
Couldn't parse DH parameters: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS
This message repeats 5 times (presumably for each dovecot service?).
In /var/log/dovecot/imap.log, I see the same error.
I even gave permission to the dh.pem
file for the *vmail* user and group, but
that didn't seem to change anything.
Any ideas?
Thanks.
On 2018-02-19 (14:08 MST), jordan.h@startmail.com wrote:
I'm using SSL for dovecot, and dovecot kindly warned me on startup that I needed the ssl_dh parameter, which I specified:
doveconf -n
-- They say whisky'll kill you, but I don't think it will I'm ridin' with you to the top of the hill
Here's the configuration:
On Monday, February 19, 2018 7:15:31 PM PST @lbutlr wrote:
On 2018-02-19 (14:08 MST), jordan.h@startmail.com wrote:
I'm using SSL for dovecot, and dovecot kindly warned me on startup that I
needed the ssl_dh parameter, which I specified: doveconf -n
I can't see ssl_dh=</path/to/dh.pem
---Aki TuomiDovecot oy -------- Original message --------From: jordan.h@startmail.com Date: 22/02/2018 21:49 (GMT+02:00) To: Dovecot Mailing List <dovecot@dovecot.org> Subject: Re: lmtp: Couldn't parse DH parameters Here's the configuration:
On Monday, February 19, 2018 7:15:31 PM PST @lbutlr wrote:
On 2018-02-19 (14:08 MST), jordan.h@startmail.com wrote:
I'm using SSL for dovecot, and dovecot kindly warned me on startup that I
needed the ssl_dh parameter, which I specified: doveconf -n
participants (3)
-
@lbutlr
-
Aki Tuomi
-
jordan.h@startmail.com