[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Fwd: Cyrus and SSL




On Fri, 2006-12-08 at 05:28 -0500, redhatdude bellsouth net wrote:
This is the error I get when I try to connect to cyrus-imapd using ssl.

Dec 8 05:22:43 master[15783]: about to exec /usr/lib/cyrus-imapd/ imapd
Dec  8 05:22:43 imaps[15768]: accepted connection
Dec  8 05:22:43 imaps[15783]: executed
Dec  8 05:22:43 imaps[15768]: unable to get certificate from '/etc/
pki/cyrus-imapd/cyrus-imapd.pem'
Dec 8 05:22:43 imaps[15768]: TLS server engine: cannot load cert/ key
data
Dec  8 05:22:43 imaps[15768]: error initializing TLS
Dec  8 05:22:43 imaps[15768]: Fatal error: tls_init() failed
Dec 8 05:22:43 imaps[15768]: DBERROR db4: Database handles remain at
environment close
Dec 8 05:22:43 imaps[15768]: DBERROR db4: Open database handle: / var/
lib/imap/tls_sessions.db
Dec  8 05:22:43 imaps[15768]: DBERROR: error exiting application:
Invalid argument
Dec  8 05:22:43 master[15756]: process 15768 exited, status 75
Dec 8 05:22:43 master[15756]: service imaps pid 15768 in BUSY state:
terminated abnormally

If I don't use SSL it works fine. I even tried creating my own certs
and it's just the same.
Please help.
EJ
----
TLS server engine: cannot load cert/key data is certainly a problem but evidently there is also something very wrong with /var/ lib/imap/tls_sessions.db

you might want to delete that file and restart cyrus-imapd so it gets recreated. I would presume that it like all other things cyrus-imapd should be cyrus:mail ownership and in checking on my system, that file is 600.

you might want to check dmesg/syslog/audit.log to see if selinux is involved in /var/lib/imap/tls_sessions.db issue too.

Craig


SeLinux is turned off. I deleted /var/lib/imap/tls_sessions.db and cyrus created a new one. I created the certs for cyrus, changed ownership to cyrus:mail and did chmod 600. I'm still having the same problem.

EJ

I've done everything possible to get cyrus to read my certs or keys or anything created with openssl to no avail. I keep getting the same error. SSL works flawlessly with postfix, but not with cyrus. I'm starting to think it's a problem with cyrus.
Help please,
Thanks,
EJ


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]