Date: Mon, 23 Feb 2004 20:29:15 -0500 From: stan <stanb@panix.com> To: Free BSD Questions list <freebsd-questions@freebsd.org> Subject: Re: imap question Message-ID: <20040224012915.GA27408@teddy.fas.com> In-Reply-To: <20040224010221.GA70587@keyslapper.org> References: <20040224003846.GB25902@teddy.fas.com> <20040224010221.GA70587@keyslapper.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Feb 23, 2004 at 08:02:22PM -0500, Louis LeBlanc wrote: > On 02/23/04 07:38 PM, stan sat at the `puter and typed: > > I'm trying to help a firend of mine get an imap server running on one of > > his FreeBSD 4.9 STABLE machines. > > > > We have built the UW imapd port, and installed it. However we seem to be > > habing a bit of a problem making it work. > > > > Tha man page, and the docs (which I only found in the ports work directory > > for some reason, don't they get installed somewhere?) All seem to agree, > > that it shoud "juts work" However in our case it does not :-( > > > > Cruently we are gettin error messages like this in /var/log/mailog: > > > > maillog.0:Feb 22 19:40:26 ops2 imapd[59881]: Unable to load certificate > > from /usr/local/certs/imapd.pem, host=router.XXX.net [192.168.2.1] > > > > As you can see, this box is located on a DMZ, behin an OpenBSD firweall > > (running pf). WE have that box redirecting port 993 to teh FreeBSD box > > running imap. > > > > What am I missing here? > > You can't really accept secure connections without an SSL certificate. > Check the docs to find the details, but you probably want the OpenSSL > docs as well to tell you how to create an SSL key and PEM cert. The > path provided in the error message tells you where the cert is > expected to be. Chances are that if you check the imapd.conf you'll > also see where the key should be placed. Sorry I wasn't clear here. The _is_ a certificate there. Created (I assume by the port build process). However it seesm that since the packes are being redirected _from_ th router (OpenBSD) box, imapd wan'ts the certificate to be _for_ the router box. Any ideas how to fix this? > > Unless you have it configured to block or simply not accept regular > IMAP connections, you might be able to connect on port 143, if you > just redirect that port. Only problem is your connection won't be > secure. And the passwords will be passed in the clear, right? Might as well use POP, correct? Thanks for the help. -- "They that would give up essential liberty for temporary safety deserve neither liberty nor safety." -- Benjamin Franklin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040224012915.GA27408>