TLS: unable to get certificate ...
Andrew Morgan
morgan at orst.edu
Fri Apr 11 15:39:21 EDT 2008
On Fri, 11 Apr 2008, brian wrote:
> brian wrote:
>> brian wrote:
>>> cyrus-imapd-2.3.9-7.fc7
>>> openssl-0.9.8b-15.fc7
>>>
>>> I'm trying (and failing) to set up TLS and hope someone might be able to
>>> shed some light on my problem. Authentication failed so I checked
>>> maillog and found:
>>>
>>> imap[30288]: TLS server engine: cannot load CA data
>>> imap[30288]: unable to get certificate from
>>> '/etc/pki/tls/certs/imapcert.pem'
>>> imap[30288]: TLS server engine: cannot load cert/key data
>>> imap[30288]: error initializing TLS
>>>
>>>
>
> I've solved this by:
>
> cp /etc/pki/CA/cacert.pem cyrus-imapd/
> chgrp mail /etc/pki/cyrus-imapd/cacert.pem
>
> imapd was not able to read anything in /etc/pki/CA so I can't think of
> any other solution. I'd appreciate any tips if this is a Bad Idea.
I just made the cert and key files readable by the cyrus user on my
systems. I can't think of any problems with it.
Andy
More information about the Info-cyrus
mailing list