Re: Debian Woody -> Sarge upgrade report

To: Jonathan McDowell <noodles@earth.li>
Cc: Debian Devel <debian-devel@lists.debian.org>
Subject: Re: Debian Woody -> Sarge upgrade report
From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
Date: Mon, 16 May 2005 11:21:12 -0400
Message-id: <20050516112112.98r8rc6wnemo8ksk@familiasanchez.net:443>
In-reply-to: <[🔎] 20050516135540.GE18065@earth.li>
References: <[🔎] 427BD1B9.8050206@familiasanchez.net> <[🔎] 20050516101854.GT18065@earth.li> <[🔎] 42889FBB.4030904@familiasanchez.net> <[🔎] 20050516135540.GE18065@earth.li>

Quoting Jonathan McDowell <noodles@earth.li>:

On Mon, May 16, 2005 at 09:27:23AM -0400, Roberto C. Sanchez wrote:

Jonathan McDowell wrote:
> Hmmmm. I run with my own CA signed cert and had no problems with a
> Woody -> Sarge upgrade of sslwrap on Friday. Can you send me your
> /etc/sslwrap/debian_conf and the output of
> "grep sslwrap /etc/inetd.conf" (assuming you're running it from inetd)?
Did you want to see what they looked like before or after the upgrade?


Both, if possible. Whatever you've got easily would be a good start
though.

J.


********** BEGIN BEFORE **********
# grep sslwrap inetd.conf
ssmtp   stream  tcp nowait  root    /usr/sbin/tcpd  /usr/sbin/sslwrap  -cert
/etc/ssl/server_key_and_cert.pem -addr 127.0.0.1 -port 25
imaps   stream  tcp nowait  root    /usr/sbin/tcpd  /usr/sbin/sslwrap  -cert
/etc/ssl/server_key_and_cert.pem -addr 127.0.0.1 -port 143

/etc/sslwrap/debian_config:
run_mode="inetd"
used_addr="127.0.0.1"
with_certificate="true"
certfile="/etc/ssl/server_key_and_cert.pem"
overwrite_corrupted_certfile="false"
check_cert="true"
ports="imaps, ssmtp"

*********** END BEFORE ***********

********** BEGIN AFTER **********
# grep sslwrap inetd.conf
ssmtp   stream  tcp nowait  root    /usr/sbin/tcpd  /usr/sbin/sslwrap  -cert
/etc/ssl/server_key_and_cert.pem -addr 127.0.0.1 -port 25
imaps   stream  tcp nowait  root    /usr/sbin/tcpd  /usr/sbin/sslwrap  -cert
/etc/ssl/server_key_and_cert.pem -addr 127.0.0.1 -port 143

/etc/sslwrap/debian_config:
run_mode="inetd"
used_addr="127.0.0.1"
with_certificate="true"
certfile="/etc/ssl/server_key_and_cert.pem"
overwrite_corrupted_certfile="false"
check_cert="true"
ports="imaps, ssmtp"

*********** END AFTER ***********

I no longer have sslwrap installed since postfix-tls now properly grabs port
465 without dying and cyrus21 supports imaps (though last night I switched
to courier, which also natively does imaps).  The problem, if you refer to my
original mail, is that something about the CA was confusing sslwrap, which
I believe tried to generate its own cert.

-Roberto
--
Roberto C. Sanchez
http://familiasanchez.net/~sanchezr

Reply to:

Follow-Ups:
- Re: Debian Woody -> Sarge upgrade report
  - From: Jonathan McDowell <noodles@earth.li>

References:
- Debian Woody -> Sarge upgrade report
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
- Re: Debian Woody -> Sarge upgrade report
  - From: Jonathan McDowell <noodles@earth.li>
- Re: Debian Woody -> Sarge upgrade report
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>
- Re: Debian Woody -> Sarge upgrade report
  - From: Jonathan McDowell <noodles@earth.li>

Prev by Date: Thanks for your email
Next by Date: Re: need help on #271678 (sizefo struct?)
Previous by thread: Re: Debian Woody -> Sarge upgrade report
Next by thread: Re: Debian Woody -> Sarge upgrade report
Index(es):
- Date
- Thread