anthony-list at tibbs.ca
Mon Feb 28 09:44:03 EST 2011
I've been running Cyrus at a couple of small sites since 2001 or so.
I've run into a snag trying to setup SSL using something other than the
self-signed, auto-generated certificate. The domain has a GoDaddy
2048-bit SSL certificate. From the SSL manager, one downloads a bundle
that contains a certificate chain bundle, and a separate file with the
certificate for the domain itself.
The key and CSR was generated with:
openssl genrsa -des3 -out xxx.key 2048
openssl req -new -key xxx.key -out xxx.csr
I've seen a few different methodologies posted about how to install
this. One is to conctenate the domain certificate, the certificate
chain, and the private key into one .pem file and set tls_cert_file,
tls_ca_file, and tls_key_file to point to the same '.pem' file. Another
is to keep the files completely separate.
No matter what I have tried, I've been unsuccessful. Thunderbird
reports that it received an SSL record that is too long, and/or the
imapd process becomes stuck at 100% CPU utilization until it is killed
Is there something I'm missing on this?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Info-cyrus