On Thu, 20 May 2004 14:41:45 +0100, Torgeir Veimo <[EMAIL PROTECTED]>
wrote:
On Thu, 2004-05-20 at 09:15 -0400, Henry Baragar wrote:
On Thu, 20 May 2004 10:27:56 +0100, Torgeir Veimo <[EMAIL PROTECTED]>
wrote:
> (resending..)
>
> Hi,
>
> normal imap (bincimap 1.2.7final) works ok (qmail-ldap installation),
> but imaps doesn't.
>
> [EMAIL PROTECTED] openssl s_client -connect localhost:993 -crlf
> CONNECTED(00000003)
> write:errno=104
>
> I'm not shure where to start looking.
What do the logs say?
@4000000040acb2a503e1a50c 25638 0 [EMAIL PROTECTED]:] error
initializing Binc IMAP: SSL negotiation failed: SSL error: unable to use
certificate in PEM file: /var/qmail/control/bincimap.pem:
error:0906D06C:PEM routines:PEM_read_bio:no start line
This must be the problem..
Yes.
I might have been too smart trying to reuse
the cert file I use for smtp SSL. Also tried certificate created using
make cert in bincimap build directory.
I use the same pem file for: Binc IMAP, Apache (Squirrelmail with SSL) and
qmail+auth+SSL. I think I used the same file for Courier when I was
running courier. I think that it is good to one pem file for all
activities associated with one task (email in this case).
They both look like
-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE REQUEST-----
[...]
-----END CERTIFICATE REQUEST-----
Here's the problem. You are using the wrong file or did not complete the
certificate creation process (the "openssl ca -out cert.pem -in req.pem"
step is missing). The file should look like
-----BEGIN RSA PRIVATE KEY-----
[...]
-----END RSA PRIVATE KEY-----
----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
/var/qmail/bin/auth_pop \
See http://lifewithbincimap.org/index.php/Main/QmailLdap or
http://lifewithbincimap.org/index.php/Main/LifeWithCheckpasswordAndFriends.
Henry:-)
--
Henry Baragar
Instantiated Software Inc.
http://www.instantiated.ca
