On Mon, 2025-10-06 at 12:23 -0400, Jason J.G. White via dovecot wrote: > I'm trying Dovecot 2.4.1 under Fedora 43 beta with all packages up to > date. I've encountered several issues after attempting to update my > configuration. The main problem is this: whenever a client attempts > to connect, I get the following error > > Error: Failed to initialize SSL connection: Couldn't initialize SSL > server context: Can't load SSL certificate (ssl_server_cert_file > setting): error:0A00018F:SSL routines::ee key too small:
There are some quirks in 2.4.1 where environment variables don't work
for ssl cert specification (or in some other areas).
May be different issue to yours, as this might have been a problem
using doveconf to check config, or at server start. But it was quite
some time back now, so not sure at this point. It has been working
quite well here.
But, in case it's relevant, you may want to avoid env things: i.e.
#
# dont use the $ENV.xxx to specify cert dir stuff - it doesn't work. #
# Fill in the path explicitly.
#
ssl_server {
# broken: cert_file = $ENV:cert_dir/fullchain.pem
# broken: key_file = $ENV:cert_dir/privkey.pem
cert_file = /path/to/fullchain.pem
key_file = /path/to/privkey.pem
prefer_ciphers = client
}
--
Gene
signature.asc
Description: This is a digitally signed message part
_______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
