1

Hello I try to follow this Postfix/Dovecot tutorial series:

https://www.youtube.com/watch?v=njiNRppQNJw&list=PLibQjquhfgjjosRrZxlDepXfehDXuQJu_&index=5

When I run dovecot:

sudo service dovecot restart
sudo service dovecot status

I get: Active: failed

Unlike postfix who is active normally.

I tried: dovecot -F to see what has failed. (suggested in: https://stackoverflow.com/questions/8319151/how-to-start-dovecot)

And it said:

doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf
line 12: ssl_cert: can't open file /etc/dovecot/private/dovecot.pem: Permission denied

I tried to look at the permissions on this file:

sudo ls -l /etc/dovecot/private/dovecot/pem

And got:

lrwxrwxrwx 1 root root 36 nov. 21 14:04 /etc/dovecot/private/dovecot.pem -> /etc/ssl/certs/ssl-cert-snakeoil.pem

I tried to change those permissions:

sudo chmod -R 700 /etc/dovecot/private/

But it hasn't worked out.

I tried to check if I missed a curly braces while making changes in configurations files. And so far I haven't found anything wrong.

Any ideas why it's not working?

Thanks for you help!

Improve this question
6
  • 1
    what are the permission at /etc/ssl/certs/ssl-cert-snakeoil.pem Commented Nov 21, 2020 at 21:22
  • Explore permissions with github.com/waltinator/pathlld It's a bash script. Commented Nov 22, 2020 at 2:08
  • @BANJOSA I have no file named /etc/ssl/certs/ssl-cert-snakeoil.pem Commented Nov 22, 2020 at 10:38
  • 1
    that's the problem... as per the information you've provided above /etc/dovecot/private/dovecot.pem` is a symbolic link to the file at /etc/ssl/certs/ssl-cert-snakeoil.pem . Commented Nov 23, 2020 at 9:03
  • 1
    That's the certificate for encryption of your endpoint. you need to request one from a valid certificate authority or you cant use a self signed certificate, but the later might cause issues with the client apps that will connect to that server. Commented Nov 23, 2020 at 11:54

1 Answer 1

Reset to default
1

as per the information you've provided above /etc/dovecot/private/dovecot.pem is a symbolic link to the file at /etc/ssl/certs/ssl-cert-snakeoil.pem . If you don´t have a certificate file in that path it will fail.

To do so:

sudo apt-get install ssl-cert
sudo make-ssl-cert generate-default-snakeoil
sudo usermod --append --groups ssl-cert yyuu
ls -l /etc/ssl/certs/ssl-cert-snakeoil.pem

as mentioned here: https://gist.github.com/yyuu/4335041

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.