Postfix & SSL

Hi all, I’m a little new at the whole SSL thing. I’ve got my VPS nicely running Virtualmin with no problem, all’s working fine except pop3 and imap connections have no proper certificate to validate the server.

I found my way to StartSSL where I managed to create a key for mail.ns-server.co.uk and ns-server.co.uk.

I pointed postfix to the crt, key and authority crt in the webmin postfix settings. I now get the error saying that the server does not match the cert domain (which I’m sure it does :S)

Have I done something wrong / does anyone have a tutorial I can follow? I’ve googled around for quite a good few hours and have been unable to find out how to do what I want to do! (if that’s what I want to do?!)

Any advice would be great!

To set up your SSL cert for use with POP/IMAP (within Dovecot) – you’d select your Virtual Server that is set up with the SSL cert, go into Server Configuration -> Manage SSL certificates, then select the “Copy to Dovecot” option.

Once you’ve done that, Dovecot should be configured to use your SSL cert.

If not, you might try manually restarting Dovecot with:

/etc/init.d/dovecot restart

I did the same steps now and after I restarted dovecot I received the following warning:

[root@xxx ~]# /etc/init.d/dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:84: ssl_cert_file has been replaced by ssl_cert =
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:85: ssl_key_file has been replaced by ssl_key =
[ OK ]

but there is no warning when I restarted postfix

[root@xxx ~]# /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]

Is there anything we have to do in this case?

Thank You

It looks like I said “Dovecot” above when I really should have said “Postfix”.

So, if you’re getting errors with Postfix still – try the “Copy to Postfix” button to try and correct that.

Though, it’s also good to have SSL for Dovecot, so it’s certainly not a problem to have copied your SSL cert there :)

That warning sounds like it’s safe to ignore, but which distribution/version is it that you’re using there?

-Eric

Thank you for the reply,

I have already copied it for both services “dovecot” and “postfix” as we are planning to use SSL for both services…

we are using CentOS 6.2 (64 bit)…
Webmin-Virtualmin is the latest ver…

Amel

Tried to copy the SSL CA again and got the same warning:

[root@xxx ~]# /etc/init.d/dovecot restart
Stopping Dovecot Imap: [ OK ]
Starting Dovecot Imap: doveconf: Warning: NOTE: You can get a new clean config file with: doveconf -n > dovecot-new.conf
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:84: ssl_cert_file has been replaced by ssl_cert =
doveconf: Warning: Obsolete setting in /etc/dovecot/dovecot.conf:85: ssl_key_file has been replaced by ssl_key =
[ OK ]
[root@xxx ~]# /etc/init.d/postfix restart
Shutting down postfix: [ OK ]
Starting postfix: [ OK ]
[root@xxx ~]#

Okay, it actually looks like that should all be working then. That’s just a warning, not an error.

Now, I’ll speak with Jamie about making sure that the correct Dovecot config syntax is being used on the Dovecot version that comes with CentOS 6 – Virtualmin may be using older syntax when adding SSL information in there.

However, it does sound like it’s working, so Virtualmin just needs to be tweaked so that it doesn’t use syntax that generates a warning message in Dovecot.

-Eric
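
The two obsolete directives named in the doveconf warnings above, rewritten in the Dovecot 2.x form, as an added example that is not part of the original thread and is not Virtualmin's own code. The function name, the sample config and its file paths are constructed for illustration.

```python
import re

# Obsolete directive -> Dovecot 2.x name (the two from the warnings above).
RENAMED = {"ssl_cert_file": "ssl_cert", "ssl_key_file": "ssl_key"}

# Captures indent, setting name and value; commented-out lines do not match.
_SETTING = re.compile(r"^(\s*)(ssl_cert_file|ssl_key_file)\s*=\s*(\S.*?)\s*$")


def migrate_ssl_settings(conf_text):
    """Return (new_text, changes); changes lists (line_no, old_line, new_line)."""
    out, changes = [], []
    for line_no, line in enumerate(conf_text.splitlines(), start=1):
        m = _SETTING.match(line)
        if m:
            indent, name, path = m.groups()
            # In 2.x the value is the PEM text itself; a leading "<" tells
            # Dovecot to read it from the named file instead.
            new_line = "%s%s = <%s" % (indent, RENAMED[name], path)
            changes.append((line_no, line, new_line))
            line = new_line
        out.append(line)
    return "\n".join(out) + "\n", changes


# Constructed sample config (paths are placeholders, not from the thread).
SAMPLE = """\
protocols = imap pop3
#ssl_cert_file = /etc/old/unused.pem
ssl = yes
ssl_cert_file = /etc/ssl/example/mail.cert
  ssl_key_file=/etc/ssl/example/mail.key
mail_location = maildir:~/Maildir
"""

if __name__ == "__main__":
    new_text, changes = migrate_ssl_settings(SAMPLE)
    for line_no, old, new in changes:
        print("line %d: %s  ->  %s" % (line_no, old.strip(), new.strip()))
    print(new_text, end="")
```

After such an edit, running `doveconf -n` (the command the warning itself mentions) is a quick way to confirm the two obsolete-setting warnings are gone.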

Could be syntax, yes… can you please remember my email address and let me know once you fix it? It seems that SSL is working fine, because when I added an email account on an iPhone 4 it does not complain about SSL… because it’s a purchased valid CA which is just copied to dovecot and postfix, so it’s working just fine and I am able to send and receive the emails…

But anyway, it would be nice to fix… so please let me know once it’s fixed…

Thank you for the information!!

Best regards
Amel

Well, it’s not possible to send out notices whenever a specific bug is fixed – however, I’ll be telling Jamie about this today, so I’d expect to see it corrected within a few weeks.

-Eric

ok, thank you for reply

Amel