[tpop3d-discuss] SSL Configuration
Dave Baker
dave at dsb3.com
Tue, 23 Dec 2003 08:39:53 -0500
On Tue, Dec 23, 2003 at 12:52:03PM +0100, Robert wrote:
> I?m using postfix 2.0.16. To get my mails I?m using tpop3d. A fine server
> small and quite easy to configure. Unfotunetely I can?t start the ssl part of
> tpop3d. Within the maillog apears folowing message:
>
> Dec 23 06:44:24 bigblue tpop3d[4536]: tls_create_context:
> /etc/httpd/conf/ssl.crt/server.crt: no start line
This seems to indicate that the crt file isn't valid.
> The certificate does work with my apache. Apache delivers ssl pages.
>
Are you using separate .crt and .key files? Perhaps apache and tpop are
running as different users and can't read the same file (access
permissions?) Perhaps one or the other is chrooted which alters the path
(although in either of these cases I'd expect a more informative error ...
saying 'no start line' makes me think the file is readable, but
misformatted).
Do you files have this format, with the BEGIN/END lines around the
certificate content? For what it's worth, my apache and tpop3d cert files
are identical -- perhaps apache is more forgiving on the format of the
files and can live without the header/footer??
# cat server.key
-----BEGIN RSA PRIVATE KEY-----
(...)
-----END RSA PRIVATE KEY-----
# cat server.crt
-----BEGIN CERTIFICATE-----
(...)
-----END CERTIFICATE-----
Dave
--
- Dave Baker : dave@dsb3.com : http://dsb3.com/ -
GnuPG: 1024D/D7BCA55D / 09CD D148 57DE 711E 6708 B772 0DD4 51D5 D7BC A55D