Steve, If by acces you mean the path is right, It does have access (see imapd.conf extract): # # SSL/TLS Options # # File containing the global certificate used for ALL services (imap, pop3, # lmtp, sieve) # tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem tls_cert_file: /etc/ssl/certs/server_mail_solipym_com.pem # File containing the private key belonging to the global server certificate. # tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key tls_key_file: /etc/ssl/private/server.key # File containing one or more Certificate Authority (CA) certificates. # tls_ca_file: /etc/ssl/certs/ca-certificates.crt tls_ca_file: /etc/ssl/CA/root.crt If you mean right to access, all files are read only except for root. Not sure if the cert_file should be pem or crt format though. The weirdest thing, is that it worked till mid day, then nothing. Dominique On 12/12/2011 18:23, Stephen Ingram wrote: > On Mon, Dec 12, 2011 at 8:47 AM, Dominique Couot<dcouot@xxxxxxxx> wrote: >> Hi, >> >> I've playing with Cyrus (+Postfix + SASL) for a while without any problem - >> and without any security (port143). I finally got around to get a >> certificate and installed it, modified the imap.conf file, and I can no >> longer receive any mail on port 993. Sending does work however on port 465. >> It worked for a while this morning until I screwed up. Can someone tell me >> what's where I might I have gone wrong... Promise, next time I'll take >> better notes of the changes I make.... >> >> The port 993 is forwarded to the server and the server seems to be listening >> to it (nmap results). >> However nothing in the mail.log as far as connection are concerned, only >> errors: >> >> Dec 12 17:06:23 www cyrus/imaps[19071]: imaps TLS negotiation failed: >> 16.Red-81-34-68.dynamicIP.rima-tde.net [81.34.68.16] >> Dec 12 17:06:23 www cyrus/imaps[19071]: Fatal error: tls_start_servertls() >> failed >> Dec 12 17:06:23 www cyrus/master[18687]: process 19071 exited, status 75 >> Dec 12 17:06:23 www cyrus/master[18687]: service imaps pid 19071 in BUSY >> state: terminated abnormally >> >> Any help more than welcome. > Make sure that cyrus-imapd has access to your SSL certificate and key. > It sounds like only your MTA has proper access. > > Steve > ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
