Mail-server problem - SSL Stacked Error
#1
I've been getting this error when trying to access SquirrelMail which obviously drops the connection.


Code:
May 29 04:20:01 ns300624 dovecot: pop3-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:20:01 ns300624 dovecot: pop3-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:25:01 ns300624 dovecot: pop3-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:25:01 ns300624 dovecot: pop3-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:25:01 ns300624 dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:25:01 ns300624 dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:25:01 ns300624 dovecot: master: Error: service(pop3-login): command startup failed, throttling for 60 secs
May 29 04:25:01 ns300624 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs
May 29 04:30:02 ns300624 dovecot: pop3-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:30:02 ns300624 dovecot: pop3-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:30:02 ns300624 dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:30:02 ns300624 dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:30:02 ns300624 dovecot: master: Error: service(pop3-login): command startup failed, throttling for 60 secs
May 29 04:30:02 ns300624 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs
May 29 04:35:02 ns300624 dovecot: pop3-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:35:02 ns300624 dovecot: pop3-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:35:02 ns300624 dovecot: imap-login: Error: SSL: Stacked error: error:0608308E:digital envelope routines:EVP_PKEY_get1_EC_KEY:expecting a ec key
May 29 04:35:02 ns300624 dovecot: imap-login: Fatal: Can't load ssl_cert: error:0906D066:PEM routines:PEM_read_bio:bad end line
May 29 04:35:02 ns300624 dovecot: master: Error: service(pop3-login): command startup failed, throttling for 60 secs
May 29 04:35:02 ns300624 dovecot: master: Error: service(imap-login): command startup failed, throttling for 60 secs

Another problem that I am experiencing is the fact that I can send out emails but I cannot receive any.

Messages can be sent out by PHPMail on my website but they automatically go to spam with an authentication error.
[Image: img.php?userid=8551]
#2
Something is wrong with your SSL certificates for the mail server dovecot. Either a wrong file is specified or maybe the file is even missing.

Are you 100% sure you have generated all necessary keys and certificates and specified the correct path to the correct files?
#3
(2016-05-29, 11:46:34 pm)Hidden Refuge Wrote:  Something is wrong with your SSL certificates for the mail server dovecot. Either a wrong file is specified or maybe the file is even missing.

Are you 100% sure you have generated all necessary keys and certificates and specified the correct path to the correct files?

I'm pretty sure I messed up when I installed the certificates. I would love to start over with it, don't know how to though.
[Image: img.php?userid=8551]
#4
Take a look at http://wiki2.dovecot.org/SSL/CertificateCreation

It seems there is a script available from Dovecot called mkcert.sh that will basically do the job for you once you adjusted the template in dovecot-openssl.cnf.

Alternatively you can also read usermade guides:
- https://paulschreiber.com/blog/2008/08/0...on-debian/

Generating a certificate for Dovecot is about the same as generating a self-signed certificate for anything else. You just have to get the path correct or else you will have problems like the one you have.


At this point I'd like to remind you that it is highly dangerous to operate a mail server without knowledge. It will most likely be configured incorrectly and be used by hackers to send spam. Be careful!
#5
(2016-05-30, 4:09:36 am)Hidden Refuge Wrote:  Take a look at http://wiki2.dovecot.org/SSL/CertificateCreation

It seems there is a script available from Dovecot called mkcert.sh that will basically do the job for you once you adjusted the template in dovecot-openssl.cnf.

Alternatively you can also read usermade guides:
- https://paulschreiber.com/blog/2008/08/0...on-debian/

Generating a certificate for Dovecot is about the same as generating a self-signed certificate for anything else. You just have to get the path correct or else you will have problems like the one you have.


At this point I'd like to remind you that it is highly dangerous to operate a mail server without knowledge. It will most likely be configured incorrectly and be used by hackers to send spam. Be careful!

What do you recommend I use for the mailing system then?
[Image: img.php?userid=8551]
#6
You can continue using what you have but make sure you don't configure it to be a open relay or something more dangerous that would allow anyone to send e-mails from your server.

I didn't tell you to stop hosting a mail server... I told you that you should be careful and gain knowledge on how to properly operate one.
#7
Hosting an e-mail server is quite easy, I did find Dovecot quite hard to configure. If you continue to have issues, you should probably find another server that might be easier to manage and configure. Does your application require Dovecot?

Also, definitely take a look at this guide for basic configuration. http://wiki.dovecot.org/BasicConfiguration

In my opinion, it's better to start from something basic, but it seems that you might've already found a solution to your problem.
#8
Any progress with this? Have you tried the certificate creation script that Dovecot comes with?
#9
(2016-06-03, 8:30:05 pm)Hidden Refuge Wrote:  Any progress with this? Have you tried the certificate creation script that Dovecot comes with?

I haven't had the chance to, but I will do this tonight most likely. Will post results
[Image: img.php?userid=8551]
#10
Just use mailcow with let's encrypt. That's what i use now for my mail server. There's been no problem so far. It has roundcube as the frontend tho




Users browsing this thread: 1 Guest(s)