ssl_params error on RHEL7 FIPS enabled
Brad Partin
bpartin2009 at gmail.com
Thu Aug 19 22:37:43 EEST 2021
All,
The machine I’m running dovecot on is:
RHEL7.9 3.10.0-1160.31.1.el7.x86_64
I can run Systemctl restart dovecot then status or
/usr/libexec/dovecot/ssl-params and I get the following error.
Info: Generating SSL parameters
Fatal: ssl_iostream_generate_params(4096) failed: DH_generate_parameters(bits=512, gen=2) failed: error:0506A06E:lib(5):func(106):reason(110), error 0506A003:lib(5):func(106):reason(3)
Error: child process failed with status 22784
I can generate a diffie-hellman pem with
openssl dhparam -out /etc/dovecot/dh.pem 4096
But dovecot 2.2.36 does not have the option of telling it where the dh.pem file is located in the config like version 2.3 does.
Is my error related to FIPS and is there a way around it?
My dovecot version is:
Dovecot version 2.2.36 release 8.el7
Thanks in advance to anyone willing to help out, I know it’s voluntary 🙏
Thanks,
bpartin2009
Sent from my iPhone
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20210819/6d9ddf99/attachment-0001.html>
More information about the dovecot
mailing list