Hi, this is my first mail to list. I think this is the correct list from the ones I found in your web, and I think this more cyrus than openssl related issue... if not, please fell free to tell me. Well, I'm having problems with cyrus-imap and tls certs in my gentoo box. I've configured imap to use tls: (imapd.conf) [...] tls_ca_path: /etc/ssl/certs tls_cert_file: /var/imap/cyrus-global.pem tls_key_file: /var/imap/cyrus-global.key tls_cafile: /etc/ssl/certs/cyrus-imapd-ca.pem tls_require_cert: 1 tls_session_timeout: 1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH [...] And I've used 3 different auto-signed certs: 1.-) The ones generated by gentoo by default for each app. 2.-) New ones created by myself (following several howtos) 3.-) Ones copied from my other mail server. With all cases I'm getting same error: [...] [pop3] TLS server engine: No CA file specified. Client side certs may not work [pop3] [pop3d] STARTTLS failed: localhost [127.0.0.1] [...] But all same certs that failed with cyrus, worked fine for postfix and apache2. And more strange cause third case uses same config and certs from my other mail server (Debian) which works pretty fine. I also tried to set log to a high level (adding -D to cyrusmaster), but I saw no difference in logs... /usr/lib/cyrus/master -C /etc/imapd.conf -M /etc/cyrus.conf -D and I set ca_file to a path where cyrus user is able to read (/var/imap/)... but I got same error. So, I'm quite lost about this problem... I don't know what is the exactly problem with cyrus and my certs... could someone help me to determinate the source of my problem? if any conf file / output is needed, please ask for it. Many thanks in advance! Cheers! -- Arnau ---- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
