Op donderdag 9 februari 2023 11:23:55 CET schreef Marcus Meissner:
On Thu, Feb 09, 2023 at 10:26:08AM +0100, Freek de Kruijf wrote:
Op zondag 5 februari 2023 15:19:36 CET schreef u:
After Tumbleweed upgrading to 20230202 dovecot starts up OK, but KMail does
not connect anymore. The error messages, when attempting to connect are: Now the error messages are:
2023-02-09T10:21:45.262522+01:00 eiktum dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load SSL certificate (ssl_cert setting): error:0A00018F:SSL routines::ee key too small: user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session=
2023-02-09T10:21:45.262704+01:00 eiktum dovecot: imap-login: Disconnected: TLS initialization failed. (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session= 2023-02-09T10:21:45.284342+01:00 eiktum dovecot: imap-login: Error: Failed to initialize SSL server context: Can't load SSL certificate (ssl_cert setting): error:0A00018F:SSL routines::ee key too small: user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session= 2023-02-09T10:21:45.284467+01:00 eiktum dovecot: imap-login: Disconnected: TLS initialization failed. (no auth attempts in 0 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured, session= "key too small" ... How many bits has your key?
Ciao, Marcus
Generated with /usr/share/dovecot/mkcert.sh and /usr/share/dovecot/dovecot- openssl.cnf which currently contains default_bits = 2048 I regenerated the key with the above method and now dovecot works again. openssl x509 -subject -fingerprint -nout -in <old crt key> gives an error Unknown digest 4087FDCA007F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:373:Global default library context, Algorithm (nout : 0), Properties (<null>) -- fr.gr. member openSUSE Freek de Kruijf