ssl_key_password loaded from file: 'Couldn't parse private ssl_key'

B. R. reallfqq-dovecot at
Sun Sep 20 13:35:23 UTC 2015

As this is my first message to this ML: Hello!

I am using a password-protected SSL key for my dovecot MDA.
When I tried to use the ssl_key_password configuration directive as follow:
ssl_key_password = </path/to/passfile
it did not work as I logged the following:
dovecot: imap-login: Error: SSL: Stacked error: error:06065064:digital
envelope routines:EVP_DecryptFinal_ex:bad decrypt
dovecot: imap-login: Fatal: Couldn't parse private ssl_key:
error:0906A065:PEM routines:PEM_do_header:bad decrypt

However, not using the fille inclusion but directly configuring as follow:
ssl_key_password = mypass
did work...

I am loading my certificate & key with the file inclusion trick... How come
cannot I use that for the password file?
It would avoid input the password directly into the dovecot configuraiton
files, forcing me to change permissions and duplicating it... When renewing
the private key I will be force to edit the password at every location.

Is it a bug? or a feature? :D
*B. R.*

More information about the dovecot mailing list