Hello J.D.,
Sunday, February 11, 2001, 9:09:07 AM, you wrote:
JDB> the trouble I am having is getting qpopper4 to start SSL:
JDB> Feb 11 08:05:08 zeus ./popper4[2249]: Error setting certificate PEM file
JDB> /var/spool/mail/certs/cert.pem
JDB> Feb 11 08:05:08 zeus ./popper4[2249]: ...SSL error: error:0906D06C:PEM
JDB> routines:PEM_read_bio:no start line
JDB> Feb 11 08:05:08 zeus ./popper4[2249]: ...SSL error: error:140AD009:SSL
JDB> routines:SSL_CTX_use_certificate_file:missing asn1 eos
JDB> Feb 11 08:05:08 zeus ./popper4[2249]: Failed initializing TLS/SSL
Though I am by far no expert regarding SSL, nor have I used QP 4, I'll
take a stab since it's Sunday and things are slow.
In my previous experiences, the above errors would indicate a bad cert
file. If you already have a CA signed cert/key combo (you can
generate these yourself for testing purposes), try combining the two
into a file named cert.pem and replacing the one referenced above.
The pem cert file contents should look similar to, and be ordered as
such:
[root@server]$ cat cert.pem
-----BEGIN RSA PRIVATE KEY-----
...
PJi/2VeO0PzhD705aOJBt7086r4wlJkjOs+UsPo2
iIzmrlJK7R5FZM4qxnmev5bZtztuQswtMvqZ1HsK
...
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
...
DS6yGrB+UyICyFQHAjt8RUhZWx06bLHtQSSZRGKb
BAMCBkAwDgYDVR0PAQH/BAQDAgTwMB8GA1UdIwQY
...
-----END CERTIFICATE-----
[root@server]$
The '...' represent the rest of the encoded key/cert contents.
HTH
--
Best regards,
Brian Curtis
