/etc/ssl/certs/dovecot.pem erased by OpenSuse's update mechanism
Wolfgang Gross
WGross at uni-hd.de
Mon Feb 16 14:42:31 UTC 2015
On 16 Feb 2015 at 21:59, Nick Edwards wrote:
> This directory in later times is where more and more distros are
> putting system wide server CA type certs, most distros are moving to
> this path, so the package maintainer should fix their script, maybe to
> /etc/ssl/private or such.
Maybe not in /etc/ssl/private for security reasons?
10-ssl.conf uses the same file name for certificate and private key; better
change this, too.
>
> On 2/16/15, Wolfgang Gross <WGross at uni-hd.de> wrote:
> > Hi,
> >
> > this is not a genuine Dovecot bug, more a nuisance.
> > It applies to OpenSuse 13.2 but maybe also to other Linux's.
> >
> > The standard installation of Dovecot (especially 10-ssl.conf) places the
> > certificate dovecot.pem in /etc/ssl/certs.
> > Sometimes during updates does OpenSuse renew all certificates in
> > /etc/ssl/certs
> > and erases dovecot.pem. This blocks further access to the mailbox.
> >
> > I found a similar report here:
> > https://bbs.archlinux.de/viewtopic.php?id=27288
> >
More information about the dovecot
mailing list