Date: Wed, 2 Jun 2004 17:08:13 -0700 From: "Brent Wiese" <brently@bjwcs.com> To: <freebsd-questions@freebsd.org> Subject: Courier SSL question Message-ID: <20040603000816.LPKG17611.fed1rmmtao12.cox.net@SAMBA>
next in thread | raw e-mail | index | archive | help
I'm a bit stumped and hoping someone else has had (and solved) my problem. First, working on a system installed by another tech. That's always lovely. FreeBSD 4.9 Courier-IMAP 3.0.2 from ports with mysql support Openssl 0.9.7d (I believe also from ports) I have .pem certs that I believe were created with the mkimapdcert program. They're in /usr/local/share/courier-imap In /usr/local/etc/courier-imap, I have the imapd and imapd-ssl files. Some snippets from the imapd.cnf (which is actually linked to "imapd") file: RANDFILE = /usr/local/share/courier-imap/imapd.rand [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] C=US ST=AZ L=Phoenix O=Mail Server OU=Automatically-generated IMAP SSL key CN=*.clientdomainname.com emailAddress=postmaster@clientdomainname.com [ cert_type ] nsCertType = server I think the CN being "wildcard" was so the certificate didn't need to be rebuilt when moving from "test" mode into production since this was a client migration, not a new install. OK, the strangeness... First, imapd.rand doesn't exist anywhere on the box. Second, when I try to start either pop3 or imap in ssl mode (using the scripts placed by the port install in /usr/local/etc/rc.d), I get this: RANDFILE: not found default_bits: not found encrypt_key: not found distinguished_name: not found x509_extensions: not found prompt: not found Subject: << I hit ctrl-C here>> ^C^C (Interrupt -- one more to kill letter) ^C POP3: not found nsCertType: not found RANDFILE: not found default_bits: not found encrypt_key: not found distinguished_name: not found x509_extensions: not found prompt: not found No $home variable set. "~/.mailrc": No match. Subject: << again, ctrl-c a couple times>> ^C^C (Interrupt -- one more to kill letter) ^C POP3: not found nsCertType: not found If I look at the process list, its started up and clients can connect to it. I tried googling around for this and so far have come up nothing, so I'm guessing this is something really dumb that I'm missing. I don't care about hitting ctrl-C a couple times, but if the box is rebooted, it just sits there at these prompts. First time, it did this before starting up SSH, which really sucked. :) At least I got that order changed. I wish I had more info about how it was originally set up. Thanks for any help! Brent
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040603000816.LPKG17611.fed1rmmtao12.cox.net>