Re: Testin new installation

Sun, 14 Jun 2015 06:56:57 -0700 

Am 13.06.2015 um 22:11 schrieb Steve Matzura:

On Sat, 13 Jun 2015 21:57:06 +0200, you wrote:


On Sat, Jun 13, 2015 at 03:41:26PM -0400, Steve Matzura wrote:

Trying ::1... # this is certainly suspect
Escape character is '^['.
Connection closed by foreign host.


This means the daemon is listening but errors out before able to process.
Check the logs.
Might be a dependency not starting, wrong permissions, certificate 
wrong/expired, etc..


Oh yes! Sorry for not having checked this before.

Jun 13 18:50:56 <my-node> dovecot: master: Error: service(pop3-login):
command startup failed, throttling for 2 secs
Jun 13 19:30:26 <my-node> dovecot: imap-login: Error: SSL: Stacked
error: error:0608308E:digital envelope
routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Jun 13 19:30:26 <my-node> dovecot: imap-login: Fatal: Can't load
ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line
Jun 13 19:30:26 <my-node> dovecot: master: Error: service(imap-login):
command startup failed, throttling for 60 secs
Jun 13 19:31:27 <my-node> dovecot: imap-login: Error: SSL: Stacked
error: error:0608308E:digital envelope
routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Jun 13 19:31:27 <my-node> dovecot: imap-login: Fatal: Can't load
ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line
Jun 13 19:31:27 <my-node> dovecot: master: Error: service(imap-login):
command startup failed, throttling for 60 secs
Jun 13 19:33:04 <my-node> dovecot: imap-login: Error: SSL: Stacked
error: error:0608308E:digital envelope
routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
Jun 13 19:33:04 <my-node> dovecot: imap-login: Fatal: Can't load
ssl_cert: error:0906D06C:PEM routines:PEM_read_bio:no start line
Jun 13 19:33:04 <my-node> dovecot: master: Error: service(imap-login):
command startup failed, throttling for 60 secs

I thought this was a possibility. It probably means I have
concatenated incorrect elements to form the certificate files.
Looks like there is something wrong with the format of your certificates. Do your files contain the start and end lines? 


The private key file should look like this:
-----BEGIN RSA PRIVATE KEY-----
cWgpJPyTE7yxI7cqREE8ULqn4eVJ85YckBNooOXGiumSkoTske7XIGNvRQWkpFUN
[...]
4LMADvl806xkVkoWDGqJvN2MrN4qeRWuiTQ4tqmi0xp8wfoKWD0q4A==
-----END RSA PRIVATE KEY-----


The public certificates file should look like this:
-----BEGIN CERTIFICATE-----
DwAwggEKAoIBAQCxpX2YsLeMT3GIMDtdJIoVkT+qe5PrpPL3omglJ+sKXnulM8JP
[... more stuff from your domains cert ...]
VmXZvW8oF1yaSQ/lSXZZ5Cg7mFZqqGrO5Sr15ZrduPlgdQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
[... more stuff from your intermediate cert ...]
AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOg==
-----END CERTIFICATE-----

--
Alex JOST

Reply via email to