Error Reading Certificate File /var/qmail/control/servercert.pem
Re: [toaster] Toaster pop3s error Did you run make cert ??? Tarique Saleh Mahmud wrote, On 2008-06-24 7:35 PM: I am running Bill's Qmail Toaster 9.02 in debian Etch. I get following error while trying to use pop3s: @40004860fd0f09951254 tcpserver: ok 9366 0:127.0.0.1:995 :127.0.0.1::52357 @40004860fd0f09a6738c 2008.06.24 19:56:21 LOG5[9366:3083282112]: Using 'qmail-popup' as tcpwrapper service name @40004860fd0f09c6a5bc 2008.06.24 19:56:21 LOG5[9366:3083282112]: Could not load DH parameters from /var/qmail/control/servercert.pem @40004860fd0f09c6c114 2008.06.24 19:56:21 LOG4[9366:3083282112]: Diffie-Hellman initialization failed @40004860fd0f09c94d6c 2008.06.24 19:56:21 LOG3[9366:3083282112]: Error reading certificate file: /var/qmail/control/servercert.pem @40004860fd0f09c9af14 2008.06.24 19:56:21 LOG3[9366:3083282112]: SSL_CTX_use_certificate_chain_file: error:0906D06C:PEM routines:PEM_read_bio:no start line Please advise. Thanks, Tarique Re: [toaster] Toaster pop3s error 2008-06-25 Thread Alejandro Perretta did you try this ? openssl ciphers /var/qmail/control/tlsclientciphers openssl ciphers /var/qmail/control/tlsserverciphers On Wed, Jun 25, 2008 at 4:33 AM, Tarique Saleh Mahmud [EMAIL PROTECTED] wrote: Yes I run make cert as per bill's toaster guide. -Tarique *From:* Satish Alwani [mailto:[EMAIL PROTECTED] *Sent:* Tuesday, June 24, 2008 8:45 PM *To:* toaster@shupp.org *Subject:* Re: [toaster] Toaster pop3s error Did you run make cert ??? Tarique Saleh Mahmud wrote, On 2008-06-24 7:35 PM: I am running Bill's Qmail Toaster 9.02 in debian Etch. I get following error while trying to use pop3s: @40004860fd0f09951254 tcpserver: ok 9366 0:127.0.0.1:995 :127.0.0.1::52357 @40004860fd0f09a6738c 2008.06.24 19:56:21 LOG5[9366:3083282112]: Using 'qmail-popup' as tcpwrapper service name @40004860fd0f09c6a5bc 2008.06.24 19:56:21 LOG5[9366:3083282112]: Could not load DH parameters from /var
& Site Management Integration Options Developers eMail Components CloudLinux Extensions Extension Catalog Submit your Extension Plans & Pricing Support Resources FAQs Forums Knowledge Base Documentation Downloads Plesk University Release notes Blog Become a Partner Russian German French Spanish Chinese Japanese Italian Language English Russian German French Spanish Chinese Japanese Italian any Search How to сhange the default certificates for SMTP, IMAP, and POP3 over SSL? Article ID: 1062, created on Oct 6, 2008, last https://www.mail-archive.com/search?l=toaster@shupp.org&q=subject:%22Re%5C%3A+%5C%5Btoaster%5C%5D+Toaster+pop3s+error%22&o=newest&f=1 review on Aug 15, 2016 Applies to: Plesk for Linux/Unix Symptoms How to change the default certificates for SMTP, IMAP, and POP3 over SSL? Resolution The certificate for SMTP over SSL is located in the following files: For QMail MTA: /var/qmail/control/servercert.pem For Postfix MTA: /etc/postfix/postfix_default.pem For Dovecot: /etc/dovecot/private/ssl-cert-and-key.pem Note: Only QMail https://kb.plesk.com/en/1062 MTA is used in Plesk 8.x and earlier. Use instructions from KB #5801 article to define which MTA is used in Plesk 9.x and later. For IMAP4 and POP3 over SSL (only applicable for a Courier-IMAP server), the following certificate files are used: /usr/share/imapd.pem /usr/share/pop3d.pem Or: /usr/share/courier-imap/imapd.pem /usr/share/courier-imap/pop3d.pem By default, these are self-signed certificates for Plesk which are generated during the Plesk installation. If it is required to set up own certificates, copy and paste your certificate and Private Key into the appropriate files (create a backup before changing any files) and restart the qmail/postfix and courier-imap services: For Plesk version 8.6 and earlier: ~# /etc/init.d/xinetd restart ~# /etc/init.d/courier-imap restart For Plesk version 9.x and later: ~# /usr/local/psa/admin/sbin/mailmng --restart-service It is important that the domain the certificate is issued for to be specified. This will allow to avoid a warning that the certificate name does not match that of the host you
Post #1 of 17 (5219 views) Permalink Setting up pop3 with SSL using The Qmail Handbook I http://www.gossamer-threads.com/lists/qmail/users/118359 am trying to setup qmail with pop3 secure as explained in Dave Sill's book "The qmail Handbook". I went through all the steps to set this up exactly according to the book's instructions. I already have pop3 running with qmail just fine. When I tried telnetting to the localhost, I got the following error. @4000000040f2c7e20bf2f3cc tcpserver: pid 25571 from 127.0.0.1 error reading @4000000040f2c7e20bf2ff84 tcpserver: ok 25571 0:127.0.0.1:995 :127.0.0.1::36663 @4000000040f2c7e20f08d6bc /usr/sbin/stunnel: error while loading shared libraries: libc.so.6: failed to map segment from shared object: Cannot allocate memory @4000000040f2c7e20f12c5b4 tcpserver: end 25571 status 32512 So, I tried increasing the softlimit from 3000000 to 4000000. When I tried telnetting again, I got this. @4000000040f2c82835b9b344 tcpserver: pid 25580 from 127.0.0.1 @4000000040f2c82835b9bb14 tcpserver: ok 25580 0:127.0.0.1:995 :127.0.0.1::36664 error reading certificate @4000000040f2c82835b9c2e4 /usr/sbin/stunnel: error while loading shared libraries: libkrb5.so.3: failed to map segment from shared object: Cannot allocate memory @4000000040f2c82835b9d66c tcpserver: end 25580 status 32512 So again, I raised it to 5000000. Then I got. @4000000040f2c85e143f4bd4 tcpserver: pid 25633 from 127.0.0.1 @4000000040f2c85e143f53a4 tcpserver: ok 25633 0:127.0.0.1:995 :127.0.0.1::36665 @4000000040f2c85e143f5f5c Fatal memory allocation error @4000000040f2c85e143f672c tcpserver: end 25633 status 512 @4000000040f2c85e143f6b14 tcpserver: status: 0/100 Any ideas what may be wrong here??? I felt sure this was a softlimit problem because of the "cannot allocate memory" messages, but it seems to be something else. Also important to note, I just upgraded this machine from RH9 to FC1 over the weekend and I noticed many problems with openssl libraries. Namely that libcom_err.so.3 library has been removed from RH9 and replaced by libcom_err.so.2 in FC1. I don't know if this may be related or not. Thanks for any help. list-qmail at mcmilk Jul12,2004,10:58AM Post #2 of 17 (5140 views) Permalink Re: Setting up pop3 with SSL using The Qmail Handbook [In reply to] * Donboy2k <donboy2k [at] hotmail> wrote: > I am trying to setup qmail wit