As far as the CA is concerned, I downloaded it from the CA web site. While trying to figure out what I am doing wrong, I reactivated port 143 in my router, and it started to work. So I must have missed something in the configuration elsewhere, if port 143 is the one answering and not 993. Dominique On 12/12/2011 18:43, Stephen Ingram wrote: > On Mon, Dec 12, 2011 at 9:30 AM, Dominique Couot<dcouot@xxxxxxxx> wrote: >> Steve, >> >> If by acces you mean the path is right, It does have access (see imapd.conf >> extract): >> >> # >> # SSL/TLS Options >> # >> >> # File containing the global certificate used for ALL services (imap, pop3, >> # lmtp, sieve) >> # tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem >> tls_cert_file: /etc/ssl/certs/server_mail_solipym_com.pem >> >> # File containing the private key belonging to the global server >> certificate. >> # tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key >> tls_key_file: /etc/ssl/private/server.key >> >> # File containing one or more Certificate Authority (CA) certificates. >> # tls_ca_file: /etc/ssl/certs/ca-certificates.crt >> tls_ca_file: /etc/ssl/CA/root.crt >> >> If you mean right to access, all files are read only except for root. > I actually have a set just for cyrus-imap owned by the user that > cyrus-imap runs as. > >> Not sure if the cert_file should be pem or crt format though. > PEM is fine. > >> The weirdest thing, is that it worked till mid day, then nothing. > Does the CA file have the necessary certificates to validate the cert > on the connecting client? > > Steve > ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
