Hi! I've solved the problem. During the upgrade I changed the MAILUSER and MAILGROUP def'd in "/etc/courier/esmtpd" from both being "courier" to both being "daemon". Once I changed the ownership of the esmtpd.pem.* files to daemon:daemon, things began working as before.
IT WOULD BE NICE, HOWEVER, if the *.pem.<ip_address> concept could be an officially supported and documented feature. My apologies. ______ Suresh -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Suresh Sent: Wednesday, November 20, 2002 7:04 AM To: [EMAIL PROTECTED] Subject: RE: [courier-users] Re: IP address specific SSL certificates for ESMTPD (esmtpd.pem.<ip_address>) broken in 0.40.1? Sam, Thanks for your prompt reply. None of my sysconfig (e.g. /etc/courier/*) files have changed from courier-0.38.x, nor have my certificates have changed. Four files of the pattern "/etc/courier/esmtpd.pem.<ip_address>" exist. The command: $ openssl s_client -connect mail.sastry.net:465 CONNECTED(00000003) write:errno=104 produces the /var/log/maillog error: Nov 20 06:53:06 mailserver esmtpd-ssl: couriertls: /etc/courier/esmtpd.pem: error:02001002:system library:fopen:No such file or directory If I put the file "/etc/courier/esmtpd.pem" in place, then I am able to successfully connect -- but obviously it is not IP-address specific. It would be great if you could look into the problem or guide me to the file in the couriertls sources where ip-address specific .pem files are selected into the system. ______ Suresh -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sam Varshavchik Sent: Monday, November 18, 2002 3:17 PM To: [EMAIL PROTECTED] Subject: [courier-users] Re: IP address specific SSL certificates for ESMTPD (esmtpd.pem.<ip_address>) broken in 0.40.1? [EMAIL PROTECTED] writes: > Am I doing something wrong or has a feature of courier been wiped > away? No, it hasn't. That's about all I can say. ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users ------------------------------------------------------- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html _______________________________________________ courier-users mailing list [EMAIL PROTECTED] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
