Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

mailserver problems with ssl certs mkpop3dcert [solved]
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Mgiese
Veteran
Veteran


Joined: 23 Mar 2005
Posts: 1266
Location: indiana
PostPosted: Sat Apr 28, 2012 8:32 am    Post subject: mailserver problems with ssl certs mkpop3dcert [solved] Reply with quote
hi, i am currently following this guide in order to set up my mailserver again :

http://www.gentoo.org/doc/en/virt-mail-howto.xml


i did everything as suggested but when i come to the point where i do have to create the SSL certificates, i am stuck :

Code:
/etc/init.d/courier-imapd-ssl start
or
 /etc/init.d/courier-pop3d-ssl start


both scripts just give me an error :
Code:
# mkpop3dcert
Generating a 1024 bit RSA private key
...................................++++++
..............++++++
writing new private key to '/etc/courier-imap/pop3d.pem'
-----
problems making Certificate Request
140274190419624:error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too long:a_mbstr.c:154:maxsize=2



any idea what could be wrong ??


in my /etc/courier-imap/imapd.cnf(and pop3d.cnf) i changed the C,ST,L,CN parameters...

any suggestions ?
_________________
I do not have a Superman complex, for I am God not Superman :D

Last edited by Mgiese on Sat Apr 28, 2012 9:00 am; edited 1 time in total
Back to top
View user's profile Send private message
cach0rr0
Moderator
Moderator


Joined: 13 Nov 2008
Posts: 4117
Location: Houston, Republic of Texas
PostPosted: Sat Apr 28, 2012 8:52 am    Post subject: Reply with quote
I'd highly recommend simply creating the certs the old-fashioned manual way, with openssl gendsa (no des3 - same way youd manually make a cert for e.g. apache)

automagic ways just tend to be epic fail in this regard.

if you can recreate the same behaviour using openssl by itself, the culprit is a bit easier to sort

NB: if you arent married to courier - http://whitehathouston.com/documentation/gentoo/postfix_cyrus_vhost_howto.htm
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
Back to top
View user's profile Send private message
Mgiese
Veteran
Veteran


Joined: 23 Mar 2005
Posts: 1266
Location: indiana
PostPosted: Sat Apr 28, 2012 9:02 am    Post subject: Reply with quote
fixed.

Code:
Probably the country name is longer than 2 characters.


i`d "Germany" in there instead of "DE" (/etc/courier-imap/pop3d.cnf)

but thank you !
_________________
I do not have a Superman complex, for I am God not Superman :D
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2013 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p9 © 2001, 2002 phpBB Group