New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"

James Brown jlbrown at bordo.com.au
Tue Nov 13 07:13:15 EET 2018 

Ah… that’s better!

No error now.

Thanks Aki.

> On 13 Nov 2018, at 4:06 pm, Tuomi, Aki <aki.tuomi at open-xchange.com> wrote:
> 
> Actually you need to use ssl_dh=<
> /usr/local/etc/dovecot/dh.pem
> 
> Note the <
> 
> Aki
> 
> -------- Original message --------
> From: "Michael A. Peters" <mpeters at domblogger.net>
> Date: 13/11/2018 05:44 (GMT+02:00)
> To: dovecot at dovecot.org
> Subject: Re: New install - getting error: "Failed to initialize SSL server context: Couldn't parse DH parameters"
> 
> try
> 
> openssl dhparam -out /usr/local/etc/dovecot/dh.pem 2048
> 
> On 11/12/2018 07:28 PM, James Brown wrote:
> > I’m setting up Dovecot using Homebrew on a new server and am getting 
> > this when I try to login via IMAP:
> > 
> > Nov 13 14:13:35 auth: Debug: auth client connected (pid=30719)
> > Nov 13 14:13:35 imap-login: Info: Aborted login (no auth attempts in 0 
> > secs): user=<>, rip=::1, lip=::1, secured, 
> > session=<gM0HNIN6HtoAAAAAAAAAAAAAAAAAAAAB>
> > Nov 13 14:18:33 auth: Debug: Loading modules from directory: 
> > /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth
> > Nov 13 14:18:33 auth: Debug: Module loaded: 
> > /usr/local/Cellar/dovecot/2.3.2.1/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
> > Nov 13 14:18:33 auth: Debug: Read auth token secret from 
> > /usr/local/var/run/dovecot/auth-token-secret.dat
> > Nov 13 14:18:33 auth: Debug: auth client connected (pid=30848)
> > Nov 13 14:18:33 imap-login: Error: Failed to initialize SSL server 
> > context: Couldn't parse DH parameters: error:0906D06C:PEM 
> > routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS: user=<>, 
> > rip=::1, lip=::1, secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB>
> > Nov 13 14:18:33 imap-login: Info: Disconnected: TLS initialization 
> > failed. (no auth attempts in 0 secs): user=<>, rip=::1, lip=::1, 
> > secured, session=<q7TJRYN6RdoAAAAAAAAAAAAAAAAAAAAB>
> > 
> > I’ve used:
> > 
> > Openssl gendh 2048
> > 
> > And put the output:
> > 
> > -----BEGIN DH PARAMETERS-----
> > MIIBCAKCAQEA0IF7kQX32IJFm/5HEVwYf7Be4G9iY86MvLiFLL3wHGqcPT3EMsIv
> > YSe5XOT0Q7DGXPOZ+DLlJq8KDHxWKNI6j/0ZaRBrF38CWj8Jqxa8pqo9FVSWj45b
> > JwSLqBSoBIEFWibqSE6L8wlV8xjMsB34xLHduJDNbaBzsooN749CopTkmkuGeXKH
> > waOEbDzlOq+qHEa4bjx2/e/TnPj0kCrMnfeU4QILo1rJwuN4nY6k7fGwgEDVa2hE
> > oOrVfJxxxxxxxxxyyyyyuuuixxxxblahblahblahhhkkkkkkkkkkkkXCGsxhlDQO
> > QmzOhHqPovzbBByO9iR5fu3xbNm9YRxPowIBAg==
> > -----END DH PARAMETERS——
> > 
> > Into a file dh.pem and then added
> > 
> > ssl_dh=/usr/local/etc/dovecot/dh.pem
> > 
> > To my dovecot.conf file.
> > 
> > Reloaded Dovecot but still get the same error.
> > 
> > Any suggestions?
> > 
> > macOS 10.13.6, Dovecot 2.3.2.1
> > 
> > Any suggestions?
> > 
> > Thanks,
> > 
> > James.
>

More information about the dovecot mailing list