LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-20-2007, 05:24 PM   #1
gracecourt
LQ Newbie
 
Registered: Dec 2002
Location: Cheshire, UK
Distribution: SuSE 9.3
Posts: 11

Rep: Reputation: 0
"Server certificate not installed" - obscure TLS issue (fix)


Just thought I'd post this after spending hours trying to make SquirrelMail work properly on a new SuSE 10.2 server...

I cannot tell a lie, I installed the last one with cleartext authentication between clients and server (well, it was over a VPN... poor excuse) but this time thought I would do it properly, with TLS security between clints and IMAP server. I knew what the problem was quite quickly... the IMAP software (/usr/sbin/imapd comes as part of the basic install) was complaining that there was no server certificate, giving:

NO STARTTLS failed: Server certificate not installed

... when testing with a dummy IMAP exchange using "telnet localhost 143" and typing "a001 STARTTLS" to see if it was all working OK.

To cut to the chase: I already had SSL working for SMTP (port 25) and for HTTPS (port 443), but exim and apache2 respectively clearly document where to put the certificates. Not so for the IMAP software, so I assumed it had to go into /etc/ssl/certs - but it didn't work.

The answer? The name of the certificate HAS TO BE imapd.pem - I knew it had to be a .pem file containing the signed certificate and unencrypted key, but I had named it with the name of my server.

Hope this is useful to anyone searching on the error message!
 
Old 05-30-2007, 04:09 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Thanks for sharing that explanation.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
errno: TLS definition in /lib64/libc.so.6 section .tbss mismatches non-TLS reference johnpaulodonnell Programming 2 07-25-2008 04:37 AM
FTP TLS / SSL Issue -- It works, but doesn't work. poweredbydodge Linux - Networking 0 10-31-2006 12:27 PM
Can I retrieve certificate expiry date from an openssl certificate (command line) davee Linux - Security 1 07-21-2006 10:28 AM
postgresql-server wont run for obscure reasons... supersucker Linux - Software 7 03-29-2005 07:00 PM
Obscure serial printer issue... DArque Bishop Linux - Hardware 3 08-27-2003 11:37 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration