NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: dovecot again/still



Hi,

This is still a live issue - apologies, I missed your post last week.

Here are the file specs from my /etc/postfix/main.cf:

smtpd_tls_cert_file = /etc/ssl/certs/myname.pem
smtpd_tls_key=/etc/ssl/private/myname.key


It's clear from the runtime error message that the certificate is not,
in effect, being read.   But the current file names and contents
produce the fewest errors.   Could it be the .pem file extension, or
is there a hard-coded location for the certificate and ley that I need
to conform too?

Or could it be that the content of the files is wrong?   I found
myself going round in circles and making no progres.

This is NetBSD 4.01, with the SSL libraries updated to the latest
version for that release.

--
Steve Blinkhorn <steve%prd.co.uk@localhost>


You wrote:
> 
> Hello again
> 
> Having just now been confused by similar error to yours when setting up
> postfix certificates on 6.1, I eventually managed to track it down to
> wrong file name in main.cf...
> 
> This is smtpd tls part from main.cf, in case it helps
> 
> smtpd_tls_cert_file = /etc/localstuff/example.com.crt
> smtpd_tls_key_file = /etc/localstuff/example.com.key
> smtpd_use_tls = yes
> smtpd_tls_security_level = may
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> 
> 
> On Mon, 14 Oct 2013 21:39:10 +0300
> Terho Uotila wrote:
> 
> > Hello,
> > 
> > On Wed, 9 Oct 2013 16:56:16 +0100 (BST)
> > Steve Blinkhorn wrote:
> > 
> > > Oct  8 22:15:20 body postfix/smtpd[27299]: warning: cannot get
> > > private key from file /etc/ssl/certs/body.prd.co.uk.pem Oct  8
> > > 22:15:20 body postfix/smtpd[27299]: warning: TLS library problem:
> > > 27299:e rror:0906D06C:PEM routines:PEM_read_bio:no start
> > > line:/home/builds/ab/netbsd-4-0
> > > -1-RELEASE/src/crypto/dist/openssl/crypto/pem/pem_lib.c:647:Expecting:
> > > ANY PRIVATE KEY: Oct  8 22:15:20 body postfix/smtpd[27299]: warning:
> > > TLS library problem: 27299:error:140B0009:SSL
> > > routines:SSL_CTX_use_PrivateKey_file:PEM lib:/home/builds/ab/n
> > > etbsd-4-0-1-RELEASE/src/crypto/dist/openssl/ssl/ssl_rsa.c:669: Oct
> > > 8 22:15:20 body postfix/smtpd[27299]: cannot load RSA certificate
> > > and key d ata
> > > 
> > I haven't seen anything further on list so I wonder if this is still
> > a problem or has been resolved already.
> > 
> > In case this is still unresolved, and you're willing to accept guesses
> > too, from above log it looks to me like postfix might be trying to
> > (unsuccessfully) use your certificate and key. Have you tried telling
> > it where it can find those? 
> > 
> > smtpd_tls_cert_file
> > smtpd_tls_key_file
> > 
> > from http://www.postfix.org/TLS_README.html
> > (and earlier agentoss link mentioned these too)
> > 
> > 
> > > You wrote:
> > > > 
> > > > http://agentoss.wordpress.com/2013/01/06/home-mail-server-with-postfix-dovecot-imap-squirrelmailroundcube-on-netbsd-6-0-1/
> > > > 
> > > > This was very helpful when I struggled with configuring a mail
> > > > server.
> > > > 
> > > > Regards,
> > > > -- 
> > > > Bartek Krawczyk
> > > > 
> > > 
> > > 
> > 
> 
> 



Home | Main Index | Thread Index | Old Index