[Dovecot] dovecot 2.2.9 - ssl_cert and ssl_key ignored
Hello,
It seems that Dovecot ignores the new /ssl_cert and ssl_key /settings.
Using them in the dovecot configuration results in the error: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY]
Using the old /ssl_//cert//_file/ and /ssl_key_file/ results in their being obsolete warning but no fatal error.
Am 2014-05-11 10:16, schrieb Alexandru Bostina:
Hello,
It seems that Dovecot ignores the new /ssl_cert and ssl_key /settings.
Using them in the dovecot configuration results in the error: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY]
Does the file read something like this in the first line?
-----BEGIN RSA PRIVATE KEY-----
-- peter
Yes, it does. But I mentioned that just using the old settings (ssl_key_file) works (with the same certificate and key). *From:* Peter Chiochetti <mailto:pch@myzel.net> *Sent:* Sunday, May 11, 2014 11:58AM *To:* Alexandru Bostina <mailto:alb@alnio.ro>, Dovecot <mailto:dovecot@dovecot.org> *Subject:* Re: [Dovecot] dovecot 2.2.9 - ssl_cert and ssl_key ignored
Am 2014-05-11 10:16, schrieb Alexandru Bostina:
Hello,
It seems that Dovecot ignores the new /ssl_cert and ssl_key /settings.
Using them in the dovecot configuration results in the error: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY]
Does the file read something like this in the first line?
-----BEGIN RSA PRIVATE KEY-----
Nevermind, I think I found the problem.
It seems that Ubuntu's default settings for Dovecot are wrong, they lack the "<" character before the certificate/key path. So either of the following works: ssl_cert_file = /dat/etc/ssl/certs/server.crt ssl_key_file = /dat/etc/ssl/private/server.key or ssl_cert = </dat/etc/ssl/certs/server.crt ssl_key = </dat/etc/ssl/private/server.key
Thanks!
*From:* Alexandru Bostina <mailto:alb@alnio.ro> *Sent:* Sunday, May 11, 2014 12:04PM *To:* Peter Chiochetti <mailto:pch@myzel.net>, Dovecot <mailto:dovecot@dovecot.org> *Subject:* Re: [Dovecot] dovecot 2.2.9 - ssl_cert and ssl_key ignored
Yes, it does. But I mentioned that just using the old settings (ssl_key_file) works (with the same certificate and key). *From:* Peter Chiochetti<mailto:pch@myzel.net> *Sent:* Sunday, May 11, 2014 11:58AM *To:* Alexandru Bostina<mailto:alb@alnio.ro>, Dovecot <mailto:dovecot@dovecot.org> *Subject:* Re: [Dovecot] dovecot 2.2.9 - ssl_cert and ssl_key ignored
Am 2014-05-11 10:16, schrieb Alexandru Bostina:
Hello,
It seems that Dovecot ignores the new /ssl_cert and ssl_key /settings.
Using them in the dovecot configuration results in the error: Fatal: Couldn't parse private ssl_key: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: ANY PRIVATE KEY]
Does the file read something like this in the first line?
-----BEGIN RSA PRIVATE KEY-----
On 5/11/2014 5:14 AM, Alexandru Bostina <alb@alnio.ro> wrote:
Nevermind, I think I found the problem.
It seems that Ubuntu's default settings for Dovecot are wrong, they lack the "<" character before the certificate/key path. So either of the following works: ssl_cert_file = /dat/etc/ssl/certs/server.crt ssl_key_file = /dat/etc/ssl/private/server.key or ssl_cert = </dat/etc/ssl/certs/server.crt ssl_key = </dat/etc/ssl/private/server.key
The latter is what was showing in the config you posted in the OP?
--
Best regards,
Charles
participants (3)
-
Alexandru Bostina
-
Charles Marcus
-
Peter Chiochetti