Author Topic: Dovecot Configuration Script for Rebuid  (Read 2925 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Dovecot Configuration Script for Rebuid
« on: February 13, 2015, 07:01:00 PM »
I think there is a bug in the configuration for the mail server rebuild.
Specifically, the configuration file is being built with the appropriate hostname ssl certificate. However, maybe this is intended, the configuration files does this:

ssl = yes
ssl_cert = </etc/pki/tls/certs/hostname.tld.crt
ssl_key = </etc/pki/tls/private/hostname.tld.key
ssl_verify_client_cert = no
ssl_ca =

The builtin SSL generator however produces files here:
/etc/pki/tls/certs/hostname.tld.crt
/etc/pki/tls/certs/hostname.tld.key (The SSL generates into the certs folder, not the private folder)

Is this intentional? if so it means manually moving the key file to the private folder so that the configuration pics it up.
Otherwise it could simply use the certs folder that the SSL generator produces the files into.

Anyway, just a though, if the recommended process is to move the key to the private folder, then can the SSL generator place it there itself?
In /etc/pki/tls/openssl.cnf I find where it states to place the generated cert files, but it does not separate the .key file on any particular line.

Offline
**
Re: Dovecot Configuration Script for Rebuid
« Reply #1 on: February 19, 2015, 11:01:39 PM »
in my case is .cert not .crt
had to rename .cert and manually move .key filde  ;D