Unexpected Configuration Error `Unknown setting: ssl_server_cert_file`
Hello,
I upgraded from Debian 12 to 13 and thereby also from dovecot 2.3 to 2.4. Now I am facing a weird error in dovecot. The actual error is the following
# doveconf -n
# 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf
# Pigeonhole version 2.4.1-4 (0a86619f)
doveconf: Fatal: Error in configuration file
/etc/dovecot/conf.d/10-ssl.conf line 22: ssl_server_cert_file :
Unknown setting: ssl_server_cert_file
The corresponding entry in my config is
ssl = yes
ssl_server_cert_file = /etc/letsencrypt/live/example.com/fullchain.pem
ssl_server_key_file = /etc/letsencrypt/live/example.com/privkey.pem
I am sorry if I missed something in the archives but I did not find any similar posts.
Is there something I am missing here and what would be further required to debug this?
Best, David
Hello,
I upgraded from Debian 12 to 13 and thereby also from dovecot 2.3 to 2.4. Now I am facing a weird error in dovecot. The actual error is the following
# doveconf -n
# 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf
# Pigeonhole version 2.4.1-4 (0a86619f)
doveconf: Fatal: Error in configuration file
/etc/dovecot/conf.d/10-ssl.conf line 22: ssl_server_cert_file : Unknown
setting: ssl_server_cert_file
The corresponding entry in my config is
ssl = yes
ssl_server_cert_file = /etc/letsencrypt/live/example.com/fullchain.pem
ssl_server_key_file = /etc/letsencrypt/live/example.com/privkey.pem
I am sorry if I missed something in the archives but I did not find any similar posts.
Is there something I am missing here and what would be further required to debug this?
Best, David
Hi David,
try:
ssl_server { cert_file = /etc/dovecot/ssl/certs/fullchain.pem key_file = /etc/dovecot/ssl/private/privkey.pem }
Greetings Klaus.
--
e-Mail : klaus@tachtler.net Homepage: https://www.tachtler.net DokuWiki: https://dokuwiki.tachtler.net
Hello Klaus,
this leads to
# 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf
# Pigeonhole version 2.4.1-4 (0a86619f)
doveconf: Fatal: Error in configuration file
/etc/dovecot/conf.d/10-ssl.conf line 23: cert_file : Unknown
setting: cert_fileĀ (ssl_server_cert_fileĀ not found either.)
So there definitely seems to be something going wrong here. What confuses me is that it doesn't complain about the certificates not being found but just complaining about the setting being unknown.
After copying-pasting your example into my config, creating the directories and adding symlinks to the actual certificates the error disappeared. It continues working now with the original config and with the symlinks removed.
It must have been some spurious parsing error, I can't find any difference between before and now. Even my original conf without ssl_server { ... } works now again.
Sorry for wasting your time.
Best, David
On 01/02/2026 22:08, Klaus Tachtler wrote:
Hi David,
try:
ssl_server { cert_file = /etc/dovecot/ssl/certs/fullchain.pem key_file = /etc/dovecot/ssl/private/privkey.pem }
Greetings Klaus.
-- David Weingut
Hello Klaus,
this leads to
# 2.4.1-4 (7d8c0e5759): /etc/dovecot/dovecot.conf
# Pigeonhole version 2.4.1-4 (0a86619f)
doveconf: Fatal: Error in configuration file
/etc/dovecot/conf.d/10-ssl.conf line 23: cert_file : Unknown setting:
cert_file (ssl_server_cert_file not found either.)
So there definitely seems to be something going wrong here. What confuses me is that it doesn't complain about the certificates not being found but just complaining about the setting being unknown.
After copying-pasting your example into my config, creating the directories and adding symlinks to the actual certificates the error disappeared. It continues working now with the original config and with the symlinks removed.
It must have been some spurious parsing error, I can't find any difference between before and now. Even my original conf without ssl_server { ... } works now again.
Sorry for wasting your time.
Best, David
On 01/02/2026 22:08, Klaus Tachtler wrote:
Hi David,
try:
ssl_server { cert_file = /etc/dovecot/ssl/certs/fullchain.pem key_file = /etc/dovecot/ssl/private/privkey.pem }
Greetings Klaus.
-- David Weingut
Hi David,
maybe you would like to take a look at my DokuWiki:
https://dokuwiki.tachtler.net/doku.php?id=tachtler:dovecot_archlinux_-_ssl_t...
It's in German, but the config samples can help you?
Greetings klaus
--
e-Mail : klaus@tachtler.net Homepage: https://www.tachtler.net DokuWiki: https://dokuwiki.tachtler.net
participants (2)
-
David Weingut
-
Klaus Tachtler