tls self-signed certificates
Craig White
craigwhite at azapple.com
Tue Oct 16 11:23:26 EDT 2007
How do people generate self-signed certificates as this no longer works
for me...
#### generate cyrus certificate ####
openssl req -config /etc/ssl/openssl.cnf \
-new -x509 -nodes \
-out /etc/ssl/cyrus-global.pem \
-keyout /etc/ssl/cyrus-global.pem \
-days 3650
openssl gendh 512 >> /etc/ssl/cyrus-global.pem
and I used to use this cyrus-global.pem for both tls_cert_file and
tls_key_file...
tls_cert_file: /etc/ssl/cyrus-global.pem
tls_key_file: /etc/ssl/cyrus-global.pem
tls_ca_file: /etc/ssl/private/cacert.pem
but this fails...
Oct 16 08:22:47 spot imaps[7905]: imaps TLS negotiation failed:
ip68-230-71-199.ph.ph.cox.net [68.230.71.199]
Oct 16 08:22:47 spot imaps[7905]: Fatal error: tls_start_servertls()
failed
suggestions anyone?
Craig
More information about the Info-cyrus
mailing list