Hi, I'm trying out bincimap, and I ran into a snag with ssl. I have the following setup: Red Hat 9 server (in a virtual server environment), qmail, bincimap 1.2.2 from rpm, openssl 0.9.7c from source
I generated a new pem file with these commands: cd /usr/lib/openssl/ sh CA.sh -newca sh CA.sh -newreq this generated a file newreq.pem, which I believe contains a passphrase-protected rsa key and a certificate. I then use openssl rsa -in newreq.pem -out key.pem, which asks for the passphrase; this generates a file key.pem. which is the same rsa key but unprotected. I paste this key back into newreq.pem, replacing the pass-phrase-protected key, and rename the thing: mv newreq.pem imaps-newreq.pem When I put this file in /etc/opt/bincimap and point to it in bincimap.conf, and then run fetchmail --protocal IMAP --ssl etc from another machine, the fetchmail fails with fetchmail: SSL connection failed. and the bincimap log shows @400000003fb611bd0d301364 30341 0 [EMAIL PROTECTED]:] Error initializing Binc IMAP: SSL negotiation failed: SSL error: unable to use certificate in PEM file: /etc/opt/bincmail/imaps-newreq.pem: error:02001002:system library:fopen:No such file or directory When I put the file in a different directory and change the .conf file to match, I get @400000003fb6191e128d1794 31104 0 [EMAIL PROTECTED]:] Error initializing Binc IMAP: SSL negotiation failed: SSL error: unable to use certificate in PEM file: /usr/share/ssl/certs/imaps-newreq.pem: error:0906D06C:PEM routines:PEM_read_bio :no start line and fetchmail fails with the same error. How can I get imaps to use the certificate? imaps-newreq.pem looks like: -----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQDYeDUXZwIh3AOpwsqY/cWo2ll1s+NDfLvTuyQY3TIznK8bwlpn ... LkDGOnir0OPszwgfC3XRZz1/hkqnkcrdlelaAc9LObwaXQ== -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE REQUEST----- MIIByTCCATICAQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u ... -----END CERTIFICATE REQUEST----- Thanks, Joel
