hi ! i removed the third line and put the privatekey.pem and cert.pem in one file and now it�s working fine :-)
thanks for your answer greets andi -----Urspr�ngliche Nachricht----- Von: Ken Anderson [mailto:[EMAIL PROTECTED] Gesendet: Freitag, 14. November 2003 17:29 An: Andi Sch�ler Cc: Subscribers of Qpopper Betreff: Re: qpopper + ssl problems Andi Sch�ler wrote: > hi there! > > i tried to use qpopper with ssl but it don�t want to work. > i get always this error when i try to test qpopper with ssl: > > [EMAIL PROTECTED]: openssl s_client -key ca.key -cert cert.pem -ssl2 -connect > homer:pop3s > Enter PEM pass phrase: > CONNECTED(00000003) > write:errno=104 > > in /var/log/maillog: > Homer popper[31320]: Config file /etc/mail/pop/qpopper.config line 3 too > long > > > this is the content of the /etc/mail/pop/qpopper.config file: > set tls-support = alternate-port > set tls-server-cert-file = /etc/mail/certs/cert.pem > set tls-private-key-file = /etc/mail/certs/privatekey.pem Mine's running in 'server-mode', not out of inetd, but the line 3 error above seems significant. Here's what I have in my config: set tls-support = alternate-port set tls-server-cert-file = /etc/mail/certs/cert.pem Both the private key and the cert are in the cert.pem file. Ken A. Pacific.Net > > what i did: > > compiled qpopper with ssl support > ./configure --with-openssl=/usr/local/openssl > no errors > make & make install > > > i put this in the /etc/inetd.conf: > spop3 stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/popper -s -f > /etc/mail/pop/qpopper.config > instead of the normal pop3 section > > /etc/services is also ok: > pop3s 995/tcp spop3 # pop3 protocol over TLS/SSL > pop3s 995/udp spop3 # pop3 protocol over TLS/SSL > > > now i made some dirs in /etc/mail : > mkdir /etc/mail/certs > mkdir /etc/mail/pop > chmod 600 /etc/mail/certs > chmod 600 /etc/mail/pop > > > i created an CA_Key: > openssl genrsa -des3 -out ca.key 1024 > > created an CA_Certificate: > openssl req -new -x509 -days 3650 -key ca.key -out ca.crt > > created certificate for testing: > openssl req -new -nodes -key ca.key -out req.pem -keyout cert.pem > > confirm the testcertificate: > openssl x509 -req -CA ca.crt -CAkey ca.key -days 3650 -in req.pem -out > cert.pem -CAcreateserial > > changed key: > openssl rsa -in ca.key -out privatekey.pem > > when i check the sums it�s all the same: > openssl x509 -noout -modulus -in cert.pem | openssl md5 > openssl rsa -noout -modulus -in ca.key | openssl md5 > openssl rsa -noout -modulus -in privatekey.pem | openssl md5 > > now i copied the privatekey.pem and cert.pem: > cp privatekey.pem ../certs/ > cp cert.pem ../certs/ > cd ../certs > chmod 600 * > > kill HUP -inetdid > > when i test now the connection with this method from /etc/mail/pop/: > openssl s_client -key ca.key -cert cert.pem -ssl2 -connect homer:pop3s > i get the error from above > > does anyone knows wheres my error? > > my system is: slackware 8.1, 2.4.22, qpopper4.0.4, openssl-0.9.7 > > thanks for help! > greets andi > > >
