On Mon, Dec 12, 2011 at 9:30 AM, Dominique Couot <dcouot@xxxxxxxx> wrote: > Steve, > > If by acces you mean the path is right, It does have access (see imapd.conf > extract): > > # > # SSL/TLS Options > # > > # File containing the global certificate used for ALL services (imap, pop3, > # lmtp, sieve) > # tls_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem > tls_cert_file: /etc/ssl/certs/server_mail_solipym_com.pem > > # File containing the private key belonging to the global server > certificate. > # tls_key_file: /etc/ssl/private/ssl-cert-snakeoil.key > tls_key_file: /etc/ssl/private/server.key > > # File containing one or more Certificate Authority (CA) certificates. > # tls_ca_file: /etc/ssl/certs/ca-certificates.crt > tls_ca_file: /etc/ssl/CA/root.crt > > If you mean right to access, all files are read only except for root. I actually have a set just for cyrus-imap owned by the user that cyrus-imap runs as. > Not sure if the cert_file should be pem or crt format though. PEM is fine. > The weirdest thing, is that it worked till mid day, then nothing. Does the CA file have the necessary certificates to validate the cert on the connecting client? Steve ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
