HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   IMAP Certificate Expired (http://www.howtoforge.com/forums/showthread.php?t=40505)

sgsterling 29th October 2009 08:41

IMAP Certificate Expired
 
A year ago I followed the How-To "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Mandriva 2008.1)". It has worked perfect for a year ....

I'm sure you know where this is going. The default IMAP and POP3 certs that are generated with the Courier URPMI install/startup have expired, generating errors to the users.

I looked through the forum and found some references to the problem in other distro how-to's, but the pem files mentioned that need to be replaced I can't even find with locate.

I did find the scripts mkimapdcert and mkpop3cert, and updated the 365 day references and tried to rerun this scripts but received an error.

Any ideas on how to update the tls/ssl certs for courier in this Mandriva distro?

falko 30th October 2009 19:36

Have you tried to find the files with
Code:

locate cnf
?

sgsterling 31st October 2009 02:56

Yes-- did a locate cnf, I get:

locate cnf
/etc/my.cnf
/etc/pki/tls/openssl.cnf
/usr/share/doc/mysql-common/my-huge.cnf
/usr/share/doc/mysql-common/my-innodb-heavy-4G.cnf
/usr/share/doc/mysql-common/my-large.cnf
/usr/share/doc/mysql-common/my-medium.cnf
/usr/share/doc/mysql-common/my-small.cnf
/usr/share/mysql/my-huge.cnf
/usr/share/mysql/my-innodb-heavy-4G.cnf
/usr/share/mysql/my-large.cnf
/usr/share/mysql/my-medium.cnf
/usr/share/mysql/my-small.cnf
/usr/share/webmin/acl/openssl.cnf
/usr/share/webmin/blue-theme/mysql/images/cnf.gif
/usr/share/webmin/mysql/edit_cnf.cgi
/usr/share/webmin/mysql/save_cnf.cgi
/usr/share/webmin/mysql/help/cnf.ca.html
/usr/share/webmin/mysql/help/cnf.html
/usr/share/webmin/mysql/help/cnf.it.html
/usr/share/webmin/mysql/images/cnf.gif
/usr/share/webmin/openvpn/openvpn-ssl.cnf

Notice no imapd.cnf.

And if I try to run /usr/sbin/mkimapdcert I get--
error on line -1 of /etc/courier/imapd.cnf
29833:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/courier/imapd.cnf','rb')

since the expected file doesn't exist. Mandriva Courier RPM must be the problem, maybe they changed the name of the file or something.

falko 31st October 2009 14:38

Quote:

Originally Posted by sgsterling (Post 209136)
And if I try to run /usr/sbin/mkimapdcert I get--
error on line -1 of /etc/courier/imapd.cnf
29833:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/courier/imapd.cnf','rb')

since the expected file doesn't exist. Mandriva Courier RPM must be the problem, maybe they changed the name of the file or something.

I guess you need to create that file manually. Try something like this in it:


Code:

RANDFILE = /usr/lib/courier/imapd.rand

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
C=US
ST=NY
L=New York
O=Courier Mail Server
OU=Automatically-generated IMAP SSL key
CN=localhost
emailAddress=postmaster@example.com


[ cert_type ]
nsCertType = server



All times are GMT +2. The time now is 04:26.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.