Sam Varshavchik wrote: > Thomas writes: > >> Hi, >> >> I'm running Courier IMAP 4.0.2 over SSL with a self-signed >> certificate. I have recently bought a GlobalSign certificate that i >> want to use instead, but it doesn't work. I have created a file >> containing the key and the certificate to replace the imapd.pem. I >> have also set TLS_TRUSTCERTS to point to the GlobalSign CA cert. >> However i get this error in /var/log/maillog: >> >> imapd-ssl: Enter PEM pass phrase:Enter PEM pass phrase:Enter PEM pass >> phrase:Enter PEM pass phrase:Enter PEM pass phrase:Enter PEM pass >> phrase:Enter PEM pass phrase:Enter PEM pass phr >> ase:Enter PEM pass phrase:Enter PEM pass phrase: >> imapd-ssl: couriertls: /usr/local/share/real-cert.pem: >> error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt >> >> Any suggestions? > > This is a passphrase-protected certificate key. Courier cannot use > passphrase-protected certificate keys. > > And it's not TLS_TRUSTCERTS that you have to set, but TLS_CERTFILE, > which you already have properly set. It's just that your certificate > key is passphrase protected, which cannot be use with an automated start > script. It's obviously not feasible for you to employ someone to sit in > front of your console 24 hours a day, typing in your passphrase for each > incoming SSL connection :-) >
Ok, thank you for the answer. That really sucks...i got it working with Apache which just asked for the password at startup. Why isn't there a similar solutions in Courier? Does it mean that Courier can't be used with "real" certificates? > > > > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys-and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > > > ------------------------------------------------------------------------ > > _______________________________________________ > Courier-imap mailing list > [email protected] > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Courier-imap mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
