SSL error

Christian Kivalo ml+dovecot at valo.at
Thu Oct 13 08:30:26 UTC 2016



On 2016-10-13 10:12, arnaud gaboury wrote:
> On Thu, Oct 13, 2016 at 8:48 AM Christian Kivalo <ml+dovecot at valo.at> 
> wrote:
> 
>> 
>> 
>> 
>> 
>> Am 13. Oktober 2016 08:41:06 MESZ, schrieb arnaud gaboury <
>> arnaud.gaboury at gmail.com>:
>> 
>> >I run dovecot + postfix as my email server. Everything is working as
>> 
>> >expected, but I see an error in the dovecot logs:
>> 
>> >
>> 
>> >lmtp(7331): Error: SSL context initialization failed, disabling SSL:
>> 
>> >ENGINE_init(dynamic) failed
>> 
>> >
>> 
>> >Dovecot is running and emails are OK. I wonder why this error and how I
>> 
>> >can
>> 
>> >fix it? I see it is a SSL issue but no idea in which direction to look.
>> 
>> >Thank you for help
>> 
>> Please post the complete log lines and the output of dovecot -n
>> 
>> 
> $ journalctl --unit=dovecot
> Oct 13 08:20:20 thetradinghall.com systemd[1]: Started Dovecot 
> IMAP/POP3
> email server.
> Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7331): Error: 
> SSL
> context initialization failed, disabling SSL: ENGINE_init(dynamic) 
> failed
> Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7337): Error: 
> SSL
> context initialization failed, disabling SSL: ENGINE_init(dynamic) 
> failed
> Oct 13 08:20:20 thetradinghall.com dovecot[7333]: lmtp(7338): Error: 
> SSL
> context initialization failed, disabling SSL: ENGINE_init(dynamic) 
> failed
> ........................
> 
> 
> $ dovecot -n
> # 2.2.25 (7be1766): /etc/dovecot/dovecot.conf
> # OS: Linux 4.7.4-1-hortensia_docker x86_64 Fedora release 24 (Twenty 
> Four)
> auth_cache_size = 10 M
> auth_debug = yes
> auth_debug_passwords = yes
> auth_mechanisms = plain login
> auth_verbose = yes
> auth_verbose_passwords = plain
> doveadm_socket_path = /run/dovecot/doveadm-server
> imap_id_log = *
> info_log_path = /storage/log/dovecot/dovecot-info.log
> mail_debug = yes
> mail_gid = 5000
> mail_location = maildir:~:LAYOUT=fs
> mail_server_admin = mailto:admin at thetradinghall.com
> mail_uid = 5000
> mailbox_list_index = yes
> maildir_very_dirty_syncs = yes
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Archive {
>     auto = create
>     special_use = \Archive
>   }
>   mailbox Drafts {
>     auto = create
>     special_use = \Drafts
>   }
>   mailbox Junk {
>     auto = create
>     special_use = \Junk
>   }
>   mailbox Sent {
>     auto = create
>     special_use = \Sent
>   }
>   prefix =
>   separator = /
>   type = private
> }
> passdb {
>   args = /etc/dovecot/dovecot-sql.conf.ext
>   driver = sql
> }
> protocols = imap lmtp
> service auth-worker {
>   user = vmail
> }
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0666
>     user = postfix
>   }
>   unix_listener auth-userdb {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
>   user = root
> }
> service imap-login {
>   inet_listener imaps {
>     port = 993
>     ssl = yes
>   }
> }
> service lmtp {
>   process_min_avail = 10
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0600
>     user = postfix
>   }
> }
> ssl = required
> ssl_cert = </etc/letsencrypt/live/thetradinghall.com/fullchain.pem
> ssl_crypto_device = dynamic
  ^^ does it work when you comment/remove this setting?

from my 10-ssl.conf
# SSL crypto device to use, for valid values run "openssl engine"
#ssl_crypto_device =

by default ssl_crypto_device is not set.

> ssl_key = </etc/letsencrypt/live/thetradinghall.com/privkey.pem
> ssl_protocols = !SSLv2 !SSLv3
> userdb {
>   args = uid=5000 gid=5000 home=/storage/vmail/%d/%n
>   driver = static
> }
> verbose_ssl = yes
> protocol lmtp {
>   hostname = thetradinghall.com
>   postmaster_address = postmaster at thetradinghall.com
> }
> 
> 
-- 
  Christian Kivalo


More information about the dovecot mailing list