atom feed3 messages in net.sourceforge.lists.courier-users[courier-users] ssl certificates problem
FromSent OnAttachments
Andrei IordacheSep 29, 2004 4:22 pm 
Sam VarshavchikSep 29, 2004 4:30 pm 
m...@rtij.nlSep 30, 2004 2:32 am 
Subject:[courier-users] ssl certificates problem
From:Andrei Iordache (andr@hotmail.com)
Date:Sep 29, 2004 4:22:01 pm
List:net.sourceforge.lists.courier-users

I am trying to set up imapd-ssl. If I use the mkimapdcert script, everything works fine. The problem is that the script creates a certificate file with both private and public keys in it. If I try to split it in 2 like this:

courier-key.pem:

-----BEGIN RSA PRIVATE KEY----- Private key stuff -----END RSA PRIVATE KEY-----

courier-cert.crt:

-----BEGIN CERTIFICATE----- Certificate stuff -----END CERTIFICATE-----

and I instruct [for example] imapd-ssl to use the courier-key.pem (after I import the file courier-cert.crt in my email client ie Outlook Express), it doesn't work anymore. I find in the logs something like

k-server imapd-ssl: couriertls: /path-to-the-certificate/courier-key.pem: error:0906D06C:PEM routines:PEM_read_bio:no start line

This also happens if I generate the certificate manually with openssl (a x509 that is, i have read the documentation, it says that "SSL requires a valid, signed, X.509 certificate to be installed where Courier expects to find it") and if I put the private key into a separate file than the public (the actual ceritificate, isn't it?) one. I also am making sure that both files have a new end-line each.

Am I doing something wrong ?