dovecot-2.3 (-git) Warning and Fatal Compile Error

Aki Tuomi aki.tuomi at dovecot.fi
Sun Oct 29 15:43:25 EET 2017


> On October 29, 2017 at 1:55 PM Reuben Farrelly <reuben-dovecot at reub.net> wrote:
> 
> 
> Hi again,
> 
> Chasing down one last problem which seems to have been missed from my 
> last email:
> 
> On 20/10/2017 9:22 PM, Stephan Bosch wrote:
> >
> >
> > Op 20-10-2017 om 4:23 schreef Reuben Farrelly:
> >> On 18/10/2017 11:40 PM, Timo Sirainen wrote:
> >>> On 18 Oct 2017, at 6.34, Reuben Farrelly <reuben-dovecot at reub.net> 
> >>> wrote:
> 
> This problem below is still present in 2.3 -git, as of version 2.3.devel 
> (6fc40674e)
> 
> >>> Secondly, this ssl_dh messages is always printed from doveconf:
> >>>
> >>> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
> >>> doveconf: Warning: You can generate it with: dd 
> >>> if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh 
> >>> -inform der > /etc/dovecot/dh.pem
> >>>
> >>> Yet the file is there:
> >>>
> >>> thunderstorm conf.d # ls -la /etc/dovecot/dh.pem
> >>> -rw-r--r-- 1 root root 769 Oct 19 21:55 /etc/dovecot/dh.pem
> >>>
> >>> And the config is there as well:
> >>>
> >>> thunderstorm dovecot # doveconf -P | grep ssl_dh
> >>> ssl_dh = </etc/dovecot/dh.pem
> >>> doveconf: Warning: please set ssl_dh=</etc/dovecot/dh.pem
> >>> doveconf: Warning: You can generate it with: dd 
> >>> if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dh 
> >>> -inform der > /etc/dovecot/dh.pem
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>>   ssl_dh = -----BEGIN DH PARAMETERS-----
> >>> thunderstorm dovecot #
> >>>
> >>> It appears that this warning is being triggered by the presence of 
> >>> the ssl-parameters.dat file because when I remove it the warning 
> >>> goes away. Perhaps the warning could be made a bit more specific 
> >>> about this file being removed if it is not required because at the 
> >>> moment the warning message is not related to the trigger.
> >>>
> >>> Thanks,
> >>> Reuben
> >
> 
> Thanks,
> Reuben

It is triggered when there is ssl-parameters.dat file *AND* there is no ssl_dh=< explicitly set in config file.

Aki


More information about the dovecot mailing list