From owner-freebsd-questions@FreeBSD.ORG Wed Jun 2 17:08:18 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4319616A4CE for ; Wed, 2 Jun 2004 17:08:18 -0700 (PDT) Received: from fed1rmmtao12.cox.net (fed1rmmtao12.cox.net [68.230.241.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id A557243D45 for ; Wed, 2 Jun 2004 17:08:17 -0700 (PDT) (envelope-from brently@bjwcs.com) Received: from SAMBA ([68.231.19.60]) by fed1rmmtao12.cox.net (InterMail vM.6.01.03.02 201-2131-111-104-20040324) with ESMTP id <20040603000816.LPKG17611.fed1rmmtao12.cox.net@SAMBA> for ; Wed, 2 Jun 2004 20:08:16 -0400 From: "Brent Wiese" To: Date: Wed, 2 Jun 2004 17:08:13 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: AcRI/qN2era6HrxNSrOfzbHIM8Dl3g== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Message-Id: <20040603000816.LPKG17611.fed1rmmtao12.cox.net@SAMBA> Subject: Courier SSL question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jun 2004 00:08:18 -0000 I'm a bit stumped and hoping someone else has had (and solved) my problem. First, working on a system installed by another tech. That's always lovely. FreeBSD 4.9 Courier-IMAP 3.0.2 from ports with mysql support Openssl 0.9.7d (I believe also from ports) I have .pem certs that I believe were created with the mkimapdcert program. They're in /usr/local/share/courier-imap In /usr/local/etc/courier-imap, I have the imapd and imapd-ssl files. Some snippets from the imapd.cnf (which is actually linked to "imapd") file: RANDFILE = /usr/local/share/courier-imap/imapd.rand [ req ] default_bits = 1024 encrypt_key = yes distinguished_name = req_dn x509_extensions = cert_type prompt = no [ req_dn ] C=US ST=AZ L=Phoenix O=Mail Server OU=Automatically-generated IMAP SSL key CN=*.clientdomainname.com emailAddress=postmaster@clientdomainname.com [ cert_type ] nsCertType = server I think the CN being "wildcard" was so the certificate didn't need to be rebuilt when moving from "test" mode into production since this was a client migration, not a new install. OK, the strangeness... First, imapd.rand doesn't exist anywhere on the box. Second, when I try to start either pop3 or imap in ssl mode (using the scripts placed by the port install in /usr/local/etc/rc.d), I get this: RANDFILE: not found default_bits: not found encrypt_key: not found distinguished_name: not found x509_extensions: not found prompt: not found Subject: << I hit ctrl-C here>> ^C^C (Interrupt -- one more to kill letter) ^C POP3: not found nsCertType: not found RANDFILE: not found default_bits: not found encrypt_key: not found distinguished_name: not found x509_extensions: not found prompt: not found No $home variable set. "~/.mailrc": No match. Subject: << again, ctrl-c a couple times>> ^C^C (Interrupt -- one more to kill letter) ^C POP3: not found nsCertType: not found If I look at the process list, its started up and clients can connect to it. I tried googling around for this and so far have come up nothing, so I'm guessing this is something really dumb that I'm missing. I don't care about hitting ctrl-C a couple times, but if the box is rebooted, it just sits there at these prompts. First time, it did this before starting up SSH, which really sucked. :) At least I got that order changed. I wish I had more info about how it was originally set up. Thanks for any help! Brent