hi there!
i tried to use qpopper with ssl but it don�t want to work. i get always this error when i try to test qpopper with ssl:
[EMAIL PROTECTED]: openssl s_client -key ca.key -cert cert.pem -ssl2 -connect homer:pop3s Enter PEM pass phrase: CONNECTED(00000003) write:errno=104
in /var/log/maillog: Homer popper[31320]: Config file /etc/mail/pop/qpopper.config line 3 too long
this is the content of the /etc/mail/pop/qpopper.config file: set tls-support = alternate-port set tls-server-cert-file = /etc/mail/certs/cert.pem set tls-private-key-file = /etc/mail/certs/privatekey.pem
Mine's running in 'server-mode', not out of inetd, but the line 3 error above seems significant. Here's what I have in my config:
set tls-support = alternate-port set tls-server-cert-file = /etc/mail/certs/cert.pem
Both the private key and the cert are in the cert.pem file.
Ken A. Pacific.Net
what i did:
compiled qpopper with ssl support ./configure --with-openssl=/usr/local/openssl no errors make & make install
i put this in the /etc/inetd.conf: spop3 stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/popper -s -f /etc/mail/pop/qpopper.config instead of the normal pop3 section
/etc/services is also ok: pop3s 995/tcp spop3 # pop3 protocol over TLS/SSL pop3s 995/udp spop3 # pop3 protocol over TLS/SSL
now i made some dirs in /etc/mail : mkdir /etc/mail/certs mkdir /etc/mail/pop chmod 600 /etc/mail/certs chmod 600 /etc/mail/pop
i created an CA_Key: openssl genrsa -des3 -out ca.key 1024
created an CA_Certificate: openssl req -new -x509 -days 3650 -key ca.key -out ca.crt
created certificate for testing: openssl req -new -nodes -key ca.key -out req.pem -keyout cert.pem
confirm the testcertificate: openssl x509 -req -CA ca.crt -CAkey ca.key -days 3650 -in req.pem -out cert.pem -CAcreateserial
changed key: openssl rsa -in ca.key -out privatekey.pem
when i check the sums it�s all the same: openssl x509 -noout -modulus -in cert.pem | openssl md5 openssl rsa -noout -modulus -in ca.key | openssl md5 openssl rsa -noout -modulus -in privatekey.pem | openssl md5
now i copied the privatekey.pem and cert.pem: cp privatekey.pem ../certs/ cp cert.pem ../certs/ cd ../certs chmod 600 *
kill HUP -inetdid
when i test now the connection with this method from /etc/mail/pop/: openssl s_client -key ca.key -cert cert.pem -ssl2 -connect homer:pop3s i get the error from above
does anyone knows wheres my error?
my system is: slackware 8.1, 2.4.22, qpopper4.0.4, openssl-0.9.7
thanks for help! greets andi
