Cyrus 2.1.9 and TLS: How to use a signed certificate
Freerk J. Bosscha
f.j.bosscha at nhl.nl
Fri Sep 6 15:16:31 EDT 2002
I have the following weard thing:
Working with the self-signed public/secret file work fine.
Recently I have got a signed public and secret key file for my ssl sessions.
Installing them and adding the following rules in /etc/imapd.conf
tls_cert_file: /<HORIZONTAL ELLIPSIS>/<HORIZONTAL ELLIPSIS>/public.pem
tls_key_file: /<HORIZONTAL ELLIPSIS>/<HORIZONTAL ELLIPSIS>/secret.pem
rights: 644 cyrus:mail
Secret.pem starts with:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,AF6323922FF5B50C
<HORIZONTAL ELLIPSIS>.
-----END RSA PRIVATE KEY-----
Results in the following message in imapd.conf
Sep 4 20:58:23 mailserv imapd[9686]: unable to get private key from '/<HORIZONTAL ELLIPSIS>./<HORIZONTAL ELLIPSIS>./secret.pem'
Sep 4 20:58:23 mailserv imapd[9685]: TLS engine: cannot load cert/key data
Sep 4 20:58:23 mailserv imapd[9686]: TLS engine: cannot load cert/key data
Sep 4 20:58:23 mailserv imapd[9685]: error initializing TLS
As mentioned, using the self-signed key file works fine, except that the mail clients have some trouble because is
Is not signed by a CA.
Any suggestions how to solve this problem and get it to work<HORIZONTAL ELLIPSIS>
Thanks for any help,
--
Freerk J. Bosscha
tel. xx-31(0)58 2961435
fax. xx-31(0)58 2961466
e-mail: f.j.bosscha at bosscha.nu
url: http://www.bosscha.nu/
More information about the Info-cyrus
mailing list