Moving Cyrus TLS component files (.CA, .crt, .key) between servers ?
Eric.Luyten at vub.ac.be
Fri Sep 25 09:49:11 EDT 2009
On Fri, September 25, 2009 11:40 am, Patrick Boutilier wrote:
> Eric Luyten wrote:
>> I am in the process of moving Cyrus service from a Cyrus 2.2.13 / Solaris9
>> system to a Cyrus 2.3.15 / Solaris10 system and all is running pretty well
>> for authenticated IMAP/POP sessions.
>> CSRs and key on the first server were generated using OpenSSL 0.9.7e while
>> there is OpenSSL 0.9.8k on the second one (if that matters).
>> I copied the three files referenced by
>> in /etc/imapd.conf to the new server but appear to have overlooked
>> something, because my logfile now shows :
> Does the cyrus user have permissions to read the cert and key?
Head on !
File access bits on the files themselves and directories above were correct
but *group ownership* of the three files (by which I make the 'cyrus' user
read them) had not been preserved.
Thx a lot for your hint (should've found out by myself but long working
days are starting to take their toll :-)
More information about the Info-cyrus