cyrus-imapd-2.3.9-7.fc7 openssl-0.9.8b-15.fc7 I'm trying (and failing) to set up TLS and hope someone might be able to shed some light on my problem. Authentication failed so I checked maillog and found: imap[30288]: TLS server engine: cannot load CA data imap[30288]: unable to get certificate from '/etc/pki/tls/certs/imapcert.pem' imap[30288]: TLS server engine: cannot load cert/key data imap[30288]: error initializing TLS # ls -l /etc/pki/tls/certs/ total 456 -rw-r--r-- 1 root root 2240 Oct 12 10:55 Makefile -rw-r--r-- 1 root root 441017 Jun 21 2006 ca-bundle.crt -rw-r--r-- 1 root root 3250 Apr 10 23:46 imapcert.pem -rw-r--r-- 1 root root 887 Apr 10 23:40 imapkey.pem -rw-r--r-- 1 root root 712 Apr 10 23:40 imapreq.pem -rwxr-xr-x 1 root root 610 Oct 12 10:55 make-dummy-cert The file imapcert.pem is the self-signed cert created while following Patrick Koetter's SMTP AUTH tutorial[1] As it's easily readable (the cert, though Patrick's tut has been terrificly helpful), I'm wondering if I've made some blunder in creating it. # openssl s_server \ -cert /etc/pki/tls/certs/imapcert.pem \ -key /etc/pki/tls/certs/imapkey.pem Using default temp DH parameters ACCEPT After this, issuing 'Q' does not quit for some reason. But it appears to me that the cert is good, though I can't claim to be a wizard with the openssl tools (else I wouldn't be requesting help ;-) Any ideas of what else I should be looking for? Also, further on in maillog, I see: imap[30288]: DBERROR db4: Database handles still open at environment close imap[30288]: DBERROR db4: Open database handle: /var/lib/imap/tls_sessions.db imap[30288]: DBERROR: error exiting application: Invalid argument Is this something I should be concerned about? I have log_level = 3, FWIW. [1] http://postfix.state-of-mind.de/patrick.koetter/smtpauth/ ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
