Newbie errors
Dominique Couot
dcouot at terra.es
Mon Dec 12 12:55:39 EST 2011
As far as the CA is concerned, I downloaded it from the CA web site.
While trying to figure out what I am doing wrong, I reactivated port 143
in my router, and it started to work. So I must have missed something in
the configuration elsewhere, if port 143 is the one answering and not 993.
Dominique
On 12/12/2011 18:43, Stephen Ingram wrote:
> On Mon, Dec 12, 2011 at 9:30 AM, Dominique Couot<dcouot at terra.es> wrote:
>> Steve,
>>
>> If by acces you mean the path is right, It does have access (see imapd.conf
>> extract):
>>
>> #
>> # SSL/TLS Options
>> #
>>
>> # File containing the global certificate used for ALL services (imap, pop3,
>> # lmtp, sieve)
>> # tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
>> tls_cert_file: /etc/ssl/certs/server_mail_solipym_com.pem
>>
>> # File containing the private key belonging to the global server
>> certificate.
>> # tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
>> tls_key_file: /etc/ssl/private/server.key
>>
>> # File containing one or more Certificate Authority (CA) certificates.
>> # tls_ca_file: /etc/ssl/certs/ca-certificates.crt
>> tls_ca_file: /etc/ssl/CA/root.crt
>>
>> If you mean right to access, all files are read only except for root.
> I actually have a set just for cyrus-imap owned by the user that
> cyrus-imap runs as.
>
>> Not sure if the cert_file should be pem or crt format though.
> PEM is fine.
>
>> The weirdest thing, is that it worked till mid day, then nothing.
> Does the CA file have the necessary certificates to validate the cert
> on the connecting client?
>
> Steve
>
More information about the Info-cyrus
mailing list