IMAPS problem
Patrick Boutilier
boutilpj at ednet.ns.ca
Sun Mar 30 21:39:27 EDT 2008
Bernhard D Rohrer wrote:
> Hi all
>
> I have created my TLS cert according to these instructions:
>
> openssl req -new -nodes -out req.pem -keyout key.pem
> openssl rsa -in key.pem -out new.key.pem
> openssl x509 -in req.pem -out ca-cert -req \
> -signkey new.key.pem -days 999
>
> mkdir /var/imap
>
> cp new.key.pem /var/imap/server.pem
> rm new.key.pem
> cat ca-cert >> /var/imap/server.pem
>
> chown cyrus:mail /var/imap/server.pem
> chmod 600 /var/imap/server.pem # Your key should be protected
>
> echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf
> echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf
> echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf
>
> root at collab:/usr/lib/ssl# ls -al im*
> -rw------- 1 cyrus mail 5219 2008-03-31 00:12 imap.pem
>
> and I am getting this error:
>
> Mar 31 01:33:41 collab cyrus/imaps[12733]: unable to get certificate
> from '/usr/lib/ssl/imap.pem'
> Mar 31 01:33:41 collab cyrus/imaps[12733]: TLS server engine: cannot
> load cert/key data, may be a cert/key mismatch?
> Mar 31 01:33:41 collab cyrus/imaps[12733]: error initializing TLS
> Mar 31 01:33:41 collab cyrus/imaps[12733]: Fatal error: tls_init() failed
> Mar 31 01:33:41 collab cyrus/imaps[12733]: DBERROR: error exiting
> application: Invalid argument
>
> help??
unable to get certificate from '/usr/lib/ssl/imap.pem'
Look in /etc/imapd.conf and make sure you don't have tls_cert_file
defined twice.
>
> thanks
>
> Bernhard
>
More information about the Info-cyrus
mailing list