Article 7796 at 06/10/31 21:47:38 From: jes (at mark) enavn.com Subject: [coba-e:07796] Re: POPS, SMTPS and IMAPS errors

Index: [Article Count Order] [Thread]
Date:  Tue, 31 Oct 2006 13:31:11 +0100
From:  Jes Kasper Klittum <jes (at mark) enavn.com>
Subject:  [coba-e:07796] Re: POPS, SMTPS and IMAPS errors
To:  coba-e (at mark) bluequartz.org
Message-Id:  <4547420F.4060309 (at mark) enavn.com>
In-Reply-To:  <20061031113526.M14233 (at mark) vaporised.com>
References:  <4541B165.4020806 (at mark) enavn.com> <4545DE69.2060903 (at mark) enavn.com> <20061030122606.M14154 (at mark) vaporised.com> <4545FE67.3040001 (at mark) enavn.com> <20061030154014.M39176 (at mark) vaporised.com> <45471E3C.6060008 (at mark) enavn.com> <20061031113526.M14233 (at mark) vaporised.com>
X-Mail-Count: 07796

Vapor wrote:
> 
> That may not be dovecot but sendmail.
> 
> Try fiddling with your sendmail.mc - the lines below are all in there:
> 
> dnl #
> dnl # Rudimentary information on creating certificates for sendmail TLS:
> dnl #     make -C /usr/share/ssl/certs usage
> dnl #
> define(`confCACERT_PATH',`/usr/share/ssl/certs')
> define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
> define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
> define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
> 
> Remember to backup your mc/cf before doing a "make" in case they aren't in sync.

I now edited the sendmail.mc file and inserted this:

define(`confCACERT_PATH',`/usr/share/ssl/certs')
define(`confCACERT',`/etc/httpd/conf/ssl.crt/ca_new.txt')
define(`confSERVER_CERT',`/etc/httpd/conf/ssl.crt/server.crt')
define(`confSERVER_KEY',`/etc/httpd/conf/ssl.key/server.key')

performed `make`and restarted sendmail.

Now I get this error in maillog:

Oct 31 13:28:37 bq1 sendmail[16295]: starting daemon (8.13.1): SMTP
Oct 31 13:28:37 bq1 sendmail[16295]: STARTTLS: CRLFile missing
Oct 31 13:28:37 bq1 sendmail[16295]: STARTTLS=server, error: 
SSL_CTX_check_private_key failed(/etc/httpd/conf/ssl.key/server.key): 0
Oct 31 13:28:37 bq1 sendmail[16295]: STARTTLS=server: 
16295:error:0B080074:x509 certificate 
routines:X509_check_private_key:key values mismatch:x509_cmp.c:389:
Oct 31 13:28:37 bq1 sendmail[16295]: STARTTLS=server: 
16295:error:140A80BE:SSL routines:SSL_CTX_check_private_key:no private 
key assigned:ssl_lib.c:777:
Oct 31 13:28:37 bq1 sendmail[16295]: started as: /usr/sbin/sendmail -bd 
-OPrivacyOptions=noetrn -ODeliveryMode=queueonly 
-OQueueDirectory=/var/spool/mqueue.in -OPidFile=/var/run/sendmail.in.pid

/Jes