Bernhard D Rohrer wrote: > Hi all > > I have created my TLS cert according to these instructions: > > openssl req -new -nodes -out req.pem -keyout key.pem > openssl rsa -in key.pem -out new.key.pem > openssl x509 -in req.pem -out ca-cert -req \ > -signkey new.key.pem -days 999 > > mkdir /var/imap > > cp new.key.pem /var/imap/server.pem > rm new.key.pem > cat ca-cert >> /var/imap/server.pem > > chown cyrus:mail /var/imap/server.pem > chmod 600 /var/imap/server.pem # Your key should be protected > > echo tls_ca_file: /var/imap/server.pem >> /etc/imapd.conf > echo tls_cert_file: /var/imap/server.pem >> /etc/imapd.conf > echo tls_key_file: /var/imap/server.pem >> /etc/imapd.conf > > root@collab:/usr/lib/ssl# ls -al im* > -rw------- 1 cyrus mail 5219 2008-03-31 00:12 imap.pem > > and I am getting this error: > > Mar 31 01:33:41 collab cyrus/imaps[12733]: unable to get certificate > from '/usr/lib/ssl/imap.pem' > Mar 31 01:33:41 collab cyrus/imaps[12733]: TLS server engine: cannot > load cert/key data, may be a cert/key mismatch? > Mar 31 01:33:41 collab cyrus/imaps[12733]: error initializing TLS > Mar 31 01:33:41 collab cyrus/imaps[12733]: Fatal error: tls_init() failed > Mar 31 01:33:41 collab cyrus/imaps[12733]: DBERROR: error exiting > application: Invalid argument > > help?? unable to get certificate from '/usr/lib/ssl/imap.pem' Look in /etc/imapd.conf and make sure you don't have tls_cert_file defined twice. > > thanks > > Bernhard > ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
