On 4/30/11 9:40 AM, Mihira Fernando wrote:
Ok, it seems imaps can't access my private key. This didn't show up in /var/log/mail, but /var/log/warn shows imaps unable to get my private key.
I had its permissions set as 400 root root. Changing it temporally to 444 resolves the issue. I know I can't leave my private key open like that. What is a good secure way to give imaps, or I suppose rather imapd access to read the key?
Many thanks,
Jim F
under what user name does the imapd daemon run ? set the private key to have read access for that user name as well.
Mihira. OK, giving cyrus read access to the private key worked. I can access my imap folders with thunderbird using either STARTTLS or SSL/TLS. Thanks so much for the persistent help.
So to recap, getting postfix/cyrus imap to work with a CA signed certificate I: 1. put the signed cert and intermediate CA and CA into one file, top to bottom in that order. Used that as my servercert.pem file. 2. granted cyrus read access to the private key (as well as root). Thanks to Mihiria, David, Per, Sandy and Dominique for the good help. Jim F -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org