NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: dovecot again/still



steve%prd.co.uk@localhost (Steve Blinkhorn) writes:

> This is still a live issue - apologies, I missed your post last week.
>
> Here are the file specs from my /etc/postfix/main.cf:
>
> smtpd_tls_cert_file = /etc/ssl/certs/myname.pem
> smtpd_tls_key=/etc/ssl/private/myname.key
>
>
> It's clear from the runtime error message that the certificate is not,
> in effect, being read.   But the current file names and contents
> produce the fewest errors.   Could it be the .pem file extension, or
> is there a hard-coded location for the certificate and ley that I need
> to conform too?
>
> Or could it be that the content of the files is wrong?   I found
> myself going round in circles and making no progres.
>
> This is NetBSD 4.01, with the SSL libraries updated to the latest
> version for that release.

I put them in /usr/pkg/etc/postfix.  Of course the snmp daemon needs to
be able to read the files - /etc/openssl/private on my systems are
root-owned 700.

My key file is key.pem and starts like:

-----BEGIN RSA PRIVATE KEY-----

The certificate file is post.pem and starts

-----BEGIN CERTIFICATE-----

and both can be read with 'openssl ans1parse'.

Attachment: pgpH89SLk7XU4.pgp
Description: PGP signature



Home | Main Index | Thread Index | Old Index