If you find these types of errors in your maillog:
courier-imaps: couriertls: read: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
or
courier-imaps: couriertls: /usr/share/imapd.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
Probably you have to create a news certified. Let go:
Make a backup of you old certified, you can edit courier, dovecot and postfix files configs to know where is it (/etc/courier-imap/imap-ssl and /etc/courier-pop3d-ssl, /etc/postfix/main.cf and /etc/dovecot/dovecot.conf):
mkdir certbackup
cp /usr/share/pop3d.pem certbackup
cp /usr/share/imapd.pem certbackup
cp /etc/postfix/postfix_default.pem certbackup
cp /etc/dovecot/private/ssl-cert-and-key.pem certbackup
Now, you have to create a private key and certified. Importan to respond to 'Common Name'.
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout cert.key -out cert.csr
...
Common Name (eg, your name or your server's hostname) []:www.domain.com
...
cp cert.key /usr/share/pop3d.pem
cat cert.key cert.csr > /usr/share/imapd.pem
cat cert.key cert.csr > /etc/postfix/postfix_default.pem
cat cert.key cert.csr > /etc/dovecot/private/ssl-cert-and-key.pem
Restart courier, dovecot and postfix.
courier-imaps: couriertls: read: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
or
courier-imaps: couriertls: /usr/share/imapd.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line
Probably you have to create a news certified. Let go:
Make a backup of you old certified, you can edit courier, dovecot and postfix files configs to know where is it (/etc/courier-imap/imap-ssl and /etc/courier-pop3d-ssl, /etc/postfix/main.cf and /etc/dovecot/dovecot.conf):
mkdir certbackup
cp /usr/share/pop3d.pem certbackup
cp /usr/share/imapd.pem certbackup
cp /etc/postfix/postfix_default.pem certbackup
cp /etc/dovecot/private/ssl-cert-and-key.pem certbackup
Now, you have to create a private key and certified. Importan to respond to 'Common Name'.
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout cert.key -out cert.csr
...
Common Name (eg, your name or your server's hostname) []:www.domain.com
...
cp cert.key /usr/share/pop3d.pem
cat cert.key cert.csr > /usr/share/imapd.pem
cat cert.key cert.csr > /etc/postfix/postfix_default.pem
cat cert.key cert.csr > /etc/dovecot/private/ssl-cert-and-key.pem
Restart courier, dovecot and postfix.
Comentarios