> On 18/04/2023 02:03 EEST Paul Kroitor <p...@kroitor.ca> wrote: > > > Hello, > > It seems from this thread at letsencrypt : > https://community.letsencrypt.org/t/changing-permissions-for-pem-files/196561 > (see especially second post from _az) that doveadm pw now parses all files in > the config, even ones not relevant to the pw aspect of the request. If it’s > not able to access all the files, it terminates prematurely with exit code 89. > > The result, at least for anyone using letsencrypt / certbot, is that doveadm > pw fatally fails unless run as root, because the config includes the private > key, which has permissions 600 root root. This makes the dovecot pw > functionality unusable for web apps that want to calculate a password hash > using it (e.g. RoundCube’s password change feature). > > My understanding is that dovecot only really needs the private key for its > main functionality, when it’s running as root, and that there’s no reason > doveadm pw, which should (presumably) often be run as a regular user, needs > access to it. > > Is this the intended behavior, or have I got something wrong? > > Thanks for all help, > Paul > _______________________________________________ > dovecot mailing list -- dovecot@dovecot.org > To unsubscribe send an email to dovecot-le...@dovecot.org
Hi! This is a bug, but you can workaround it with ssl=no !include_try ssl.conf and put in ssl.conf ssl=yes ssl_cert=</path ssl_key=</peth or try with 2.3.20. Aki _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org
