On 26 Mar 2002, Ramiro Morales writes (as part of a series of ideas): > tls_cert_file: /usr/local/lib/ssl/newcert.cer > tls_key_file: /usr/local/lib/ssl/key.pem > > with these SSL cert and key files created as > described in the install-configure.html file?
This one was the solution. Many thanks! I feel somewhat silly... I should have RTFMed... and yet... in a way, I *did*! I read the imapd.conf man page, which supposedly lists all possible options which can be placed within that file. I did so more than once. It does not include these two, nor anything relating to TLS or SSL. I did not go through the HTML install docs step by step, because the install was already done by the RPM. Red Hat's apache RPMs go so far as to set it up to create use self-signed SSL certificates automatically, when the mod_ssl RPM is installed. This might be a nice enhancement for future cyrus-imapd RPMs. I'll happily script just such an automated setup (now that it works for me manually!) and send you a patch against your cyrus-imapd.spec file, if that would be useful. One other way to 'alert' people (like me!) to these options could be to include them, commented out, in the RPM-supplied default imapd.conf file. This problem (lack of info on tls_* options in the imapd.conf man page) seems to have been fixed in the 2.1.3 man page, so only people like me who are still a little wary of the newness of 2.1.x and SASLv2, and who prefer RPMs when they can get them, will run into this... Thanks again for pointing me in the right direction, Jonathan
