Basic FAQs and HOWTOs

[Craig White]

On Wed, 2005-02-16 at 15:11 -0500, Forrest Aldrich wrote:
> All of this sort of information could (should?) be pooled in a place
> like the Cyrus Wiki.
> 
> I'm wondering if O'Reilly has any plans to update their dated
> "Managing IMAP" book ;-)  My guess is probably not.
> 
> Cyrus/SASL is one of those great products that is very complex, and it
> deserves some coverage of it's own.
> 
> Re: the below posting, a trouble-shooting section is definately in
> order - some of the common problems I've seen asked (via googling
> around) could be addressed in the Wiki as well.
> 
> For the record, I've run into that popular "connect
> to /var/imap/socket/lmtp [ ... ] Permission denied" error (amoungst
> other problems) and the explanations I've seen out there appear (to
> me) as varying as the shape of snowflakes ;-)
----
Most importantly for me is 'how to debug' and I think we just covered
some of that

I am also interested in knowing how to generate self-signed certificates
for tls connections on pop3/imap

This is what I used...

# openssl req -new -x509 -nodes -out /etc/ssl/cyrus-global.pem \
-keyout /etc/ssl/cyrus-global.pem -days 3650
# openssl gendh 512 >> /etc/ssl/cyrus-global.pem

and set /etc/imapd.conf

tls_cert_file: /etc/ssl/cyrus-global.pem
tls_key_file: /etc/ssl/cyrus-global.pem
tls_ca_file: /etc/ssl/certs/ca.crt

which seems to work - the ca.crt file I had create previously with
commands to build certs for openldap...

openssl genrsa -des3 -out ca.key 2048
openssl req -new -x509 -days 3650 -key ca.key -out ca.cert

and while it works, it would be interesting to have someone knowledgable
confirm that I am on the right track here since I certainly don't know
what it is that I am doing.

Craig

---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html