password protected ssl key seems unsupported after update to 2.3.4.1
admin at f-hamelin.fr
admin at f-hamelin.fr
Mon Feb 25 11:07:55 EET 2019
Thanks for that quick answer. Apart from this mailing list, is there a way to follow the work on a precise ticket? If not, by curiosity, what is the reason?
Franck
> Le 25 févr. 2019 à 09:33, Aki Tuomi via dovecot <dovecot at dovecot.org> a écrit :
>
> It's in our backlog, but not fixed yet.
>
> Aki
>
> On 24.2.2019 21.30, admin--- via dovecot wrote:
>> Hi,
>>
>> On a debian server after an update to dovecot to 2.3.4.1 imaps mail
>> client stop working.
>> I’ve applied necessary migration for ssl_dh
>> (cf https://wiki.dovecot.org/Upgrading/2.3 ) but that was not enough.
>> The workaround I’ve setup was to remove password protection from the
>> ssl_key file. All tests with ssl_key_password parameter failled
>> (direct password, <path-file-with-password)
>>
>> searching I’ve found a message reporting a problem with that parameter
>> and Stephan said it was tracked internally as DOP-851
>>
>> Hope this will help.
>>
>> Regards,
>> Franck
>>
>> debian updade from dovecot-core:amd64 (1:2.2.34-2~bpo9+1,
>> 1:2.3.4.1-1~bpo9+1)
>>
>> # dovecot -n
>> # 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.5.4 ()
>> # OS: Linux 4.19.0-0.bpo.2-amd64 x86_64 Debian 9.8 xfs
>> …/…
>>
>> The error message in the log prior to the workaround was : "dovecot:
>> imap-login: Error: Failed to initialize SSL server context: Couldn't
>> parse private SSL key: error:06065064:digital envelope
>> routines:EVP_DecryptFinal_ex:bad decrypt, error:23077074:PKCS12
>> routines:PKCS12_pbe_crypt:pkcs12 cipherfinal error,
>> error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe
>> crypt error, error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1
>> lib: user=<>, rip=192.168.0.254, lip=192.168.0.51,
>> session=<thtmP6iCc9jAqAD+> »
>>
>>
>>
>>
More information about the dovecot
mailing list