On Jul 28, 2014, at 11:59, Paul Goyette <[email protected]> wrote:
> My imapd.pem appears to be a plain text file, starting with > > Certificate: > Data: > Version: 3 (0x2) > Serial Number: 3735943887 (0xdeadfacf) > Signature Algorithm: sha1WithRSAEncryption I think that's a certificate, not a private key, which now that I think of it, makes sense--/etc/openssl/certs contains certificates. After the human-readable text, is there a "-----BEGIN CERTIFICATE-----" line? The error message is "Unable to load private key from /etc/openssl/certs/imapd.pem". You should change path to the private key in your imapd's config file. Or if there's only one path (which I think is the case for Courier imapd), concatenate the private key and the certificate and store them in one file. You don't want to store the combined file in /etc/openssl/certs though--I keep mine in /usr/pkg/etc/courier/imapd.pem. So the combined file should have both "-----BEGIN RSA PRIVATE KEY-----" and "-----BEGIN CERTIFICATE-----" lines. > There is an associated imapd.crt which appears to be binary: > > # hexdump -C imapd.crt > 00000000 30 82 04 6a 30 82 03 52 a0 03 02 01 02 02 05 00 |0..j0..R........| > 00000010 de ad fa cf 30 0d 06 09 2a 86 48 86 f7 0d 01 01 |....0...*.H.....| > 00000020 05 05 00 30 81 9f 31 0b 30 09 06 03 55 04 06 13 |...0..1.0...U...| > ... At first I thought that might be the private key (in binary format), but the "de ad fa cf" matches the certificate serial number in imapd.pem, so perhaps it's just another copy of the certificate in binary format. -- Name: Dave Huang | Mammal, mammal / their names are called / INet: [email protected] | they raise a paw / the bat, the cat / FurryMUCK: Dahan | dolphin and dog / koala bear and hog -- TMBG Dahan: Hani G Y+C 38 Y++ L+++ W- C++ T++ A+ E+ S++ V++ F- Q+++ P+ B+ PA+ PL++
