Dang selinux….again…. This really needs to be added to the various tutorials online…..
Working now….on to the next problem… Thank you. > On Oct 8, 2017, at 12:15 AM, Bill Shirley <b...@knoxvillechristian.org> wrote: > > The context should be: > system_u:object_r:dovecot_cert_t:s0 > > Try: > restorecon -v /etc/pki/dovecot/private/mailserver.crt > > Bill > > On 10/8/2017 1:06 AM, SH Development wrote: >> -rw-r--r--. root root unconfined_u:object_r:home_root_t:s0 >> /etc/pki/dovecot/private/mailserver.crt >> >> >>> On Oct 8, 2017, at 12:03 AM, Bill Shirley <b...@knoxvillechristian.org> >>> wrote: >>> >>> What does ls -lZ /etc/pki/dovecot/private/mailserver.crt say? >>> >>> Bill >>> >>> On 10/7/2017 7:30 PM, SH Development wrote: >>>> I have a working dovecot/postfix/mysql server running and was trying to >>>> set up another one for replication purposes. If I copy my certificates >>>> from the working server, everything works fine. However, I purchased >>>> another updated certificate for the replication server, and I cannot get >>>> dovecot to start up. Keep getting: >>>> >>>> doveconf: Fatal: Error in configuration file /etc/dovecot/dovecot.conf >>>> line 31: ssl_key: Can't open file /etc/pki/dovecot/private/mailserver.crt: >>>> Permission denied >>>> >>>> Different permissions on the mailserver.crt have no effect on the error. >>>> >>>> Maybe something I did in creating the file? I’m a little fuzzy when it >>>> comes to how you’re supposed to create the whole thing. Here are the >>>> steps I took: >>>> >>>> openssl genrsa -out mailserverkey.crt 2048 >>>> >>>> I then took the CSR, submitted it to Comodo, a certificate was generated >>>> and emailed back to me. >>>> >>>> I placed the certs in the appropriately referenced places on the server… >>>> >>>> And that is where I’m at. I’ve spent quite a bit of time comparing my >>>> working server’s configuration files to the new server and cannot find any >>>> differences in the SSL configuration, OTHER than the certs themselves. Is >>>> dovecot looking for something I didn’t do correctly in the creation maybe? >>>> >>>> Jeff J. >>>> Starion Technologies, LLC >>>> 816-331-0030
