I'm using SSL for dovecot, and dovecot kindly warned me on startup that I needed the ssl_dh parameter, which I specified:
# grep -P '^ssl_dh' /etc/dovecot/conf.d/10-ssl.conf ssl_dh = </etc/dovecot/dh.pem And I generated the file, as specified in the comment: # openssl dhparam -out /etc/dovecot/dh.pem 4096 The file contains the appropriate headers: # grep -P '^\-' /etc/dovecot/dh.pem -----BEGIN DH PARAMETERS----- -----END DH PARAMETERS----- However, when I restart dovecot (`systemctl restart dovecot`) I get the following error: lmtp(8221): Error: SSL context initialization failed, disabling SSL: Couldn't parse DH parameters: error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH PARAMETERS This message repeats 5 times (presumably for each dovecot service?). In /var/log/dovecot/imap.log, I see the same error. I even gave permission to the `dh.pem` file for the *vmail* user and group, but that didn't seem to change anything. Any ideas? Thanks.
Description: This is a digitally signed message part.