Re: TLS wrrors on cyrus imapd log file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 20 Sep 2012, Riccardo Veraldi wrote:

> Hello,
> I am using cyrus-imapd-2.4.10
>
> I have configured it properly with X509 certificates.
> Everything is working fine but for every client connection I receive
> this error: TLS server engine: cannot load CA data
>
> Sep 16 04:04:42 iride imaps[9363]: TLS server engine: cannot load CA data
> Sep 16 04:04:42 iride imaps[9363]: imapd:Loading hard-coded DH parameters
> Sep 16 04:04:42 iride imaps[9363]: SSL_accept() incomplete -> wait
> Sep 16 04:04:42 iride imaps[9363]: SSL_accept() succeeded -> done
> Sep 16 04:04:42 iride imaps[9363]: starttls: TLSv1 with cipher
> DHE-RSA-AES256-SHA (256/256 bits reused) no authentication
> Sep 16 04:04:42 iride imaps[9363]: login: wilco.mylocaldomain.org
> [172.16.10.94] username plain+TLS User logged in
>
> X509 certificate is ok it is not expired; it complains about CA
> certificate data, but the certificate path inside imapd.conf is correct.
>
> what the problem could be ?

What are your tls_* settings in imapd.conf?  I am running Cyrus v2.4.16 
and do not see the "cannot load CA data" error in my logs.  Here are my 
tls_* settings:

tls_ca_path: /etc/ssl/certs
tls_cert_file: /etc/ssl/certs/imap.onid.oregonstate.edu.crt
tls_key_file: /etc/ssl/certs/imap.onid.oregonstate.edu.key

 	Andy
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus


[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux